Page 3 of 3 FirstFirst 123
Results 31 to 36 of 36
  1. #31
    Joined
    Sep 2002
    Location
    In and out of Detroit
    Posts
    1,556

    Re: (Newbie question) How do you check to see if your Linux box is secure?

    If you disable the service, it really doesn't matter what the settings are since the program won't be running.

    Ssh's defaults are pretty safe, and in my opinion ssh is a good thing to have.

    "Well, let's just say, 'if your VCR is still blinking 12:00,you don't want Linux.'"
    - Bruce Perens, Former Debian Project Leader

  2. #32
    Joined
    Dec 2000
    Posts
    5,051

    Re: (Newbie question) How do you check to see if your Linux box is secure?

    To answer the question about sendmail, its used to handle system notifications under redhat and redhat based systems.

    Debian uses exim4 instead.

    Gentoo appears to use a virtual mail system net-mail.

    Its best to leave it running as it is set to only route localhost mail. ( It will also cough up error messages that can sometimes be more informative then syslog.)

  3. #33
    Joined
    Jul 2001
    Location
    UK
    Age
    51
    Posts
    20,229

    Re: (Newbie question) How do you check to see if your Linux box is secure?

    Quote Originally Posted by Christop54
    I don't have a clue as to how to remotely log into my box, so I don't think I need ssh running. Do I need to disable ssh from/in /etc/init.d if my /etc/ssh/sshd_config is all commented out, and the ssh service is disabled? (In FC3 I disabled the ssh service by: From the "start menu" > System Settings > Server Settings > Services and then find ssh and disable it.)

    That's all you need to do - untick any services in the nice gui services applet (oh, and hit save)

  4. #34
    Joined
    Jul 2001
    Location
    UK
    Age
    51
    Posts
    20,229

    Re: (Newbie question) How do you check to see if your Linux box is secure?

    Quote Originally Posted by Bryan
    To answer the question about sendmail, its used to handle system notifications under redhat and redhat based systems.

    Debian uses exim4 instead.

    Gentoo appears to use a virtual mail system net-mail.

    Its best to leave it running as it is set to only route localhost mail. ( It will also cough up error messages that can sometimes be more informative then syslog.)
    Thanks Bryan

    @Spanky - yes, RH based systems use sendmail to email a daily summary of system logs to root (or which ever account it's aliased to go to). I just assumed that's what all systems did (doh).

    Ned

  5. #35
    Joined
    Oct 2001
    Location
    Southern Ontario
    Age
    45
    Posts
    13,194

    Re: (Newbie question) How do you check to see if your Linux box is secure?

    Well, this is why it's much harder to attack a Linux box then say a Windows box. Not all Linux boxes are configured the same way. Thus if an attacker figured out a way to net-mail, it would affect most Gentoo systems, but leave most Fadora systems unaffected. Visavera if there was a sendmail attack.

    ---------------------------

    Chris,

    Once you disable ssh from the GUI, you can then open a terminial as root and use the following line to turn ssh off (this way you don't need to reboot ):

    /etc/init/sshd stop

    That should shut ssh down. Sometimes they use a slightly different name for the ssh deamon, so if that doesn't work, just change into the /etc/init.d directory and have a look.

  6. #36
    Joined
    Jul 2001
    Location
    UK
    Age
    51
    Posts
    20,229

    Re: (Newbie question) How do you check to see if your Linux box is secure?

    Quote Originally Posted by Spankin Partier
    Chris,

    Once you disable ssh from the GUI, you can then open a terminial as root and use the following line to turn ssh off (this way you don't need to reboot ):

    /etc/init/sshd stop

    That should shut ssh down. Sometimes they use a slightly different name for the ssh deamon, so if that doesn't work, just change into the /etc/init.d directory and have a look.
    Or you can just hit the big red stop button in the services gui, and untick and save to stop it from starting at next reboot

    Ned

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •