TCLUG Archive

Re: [TCLUG:11577] Security Concerns:



Jon,

remote syslog host - if they get in and rm your logs, you can still
screw them!
I've also heard some concerns about using the built-in firewalling on
Linux.  I've seen a few things in bugtraq (maybe not Linux, maybe BSD)
about firewalls not always catching all the packets.  There can be
times when the firewall rules haven't initialized and the machine is
vulnerable.  There have also been reports about certain rules not
working, or allowing the wrong packets (as I remember, a TCP payload
greater than a certain size could get through?).

If you're connecting through a router I'd definitely consider using any
firewalling software available on the router IN ADDITION to ipfwadm on
Linux.  Just to be safe.  Only if you're paranoid.

Jonathan Kline wrote:
> 
> Hi All:
>     In about a week I'll be building an extremely secure system.  For a
> base OS it will Run Mandrake 6.5, With A Bare Install.  The Main Services
> which are to run on it will Be Compiled by me.  I plan to Install Apache
> 1.3.9, PHP 4, and The Latest version of Qmail.  TCPWrappers and an IPChains
> firewall will protect the whole thing.  I plan to make an admin group which
> owns the files such as su, startx, X, and mc.  For Hard Drive Partitions I am
> Planning:
>     /tmp :: 45MB, nosetuid
>     /var/log :: 50MB,
>     /var/qmail :: 200MB, Qmail Home Dir
>     /var/spool :: 136MB, Spool Files
>     /usr/local/apache :: 1GB, Apache Home and HTDOCS Root
>     /usr/local/software :: 200MB, nosetuid
>     /home :: 136MB, nosetuid
>     / :: 1GB
>     swap = A Total of 128MB, in 2 Partitions.
> 
> Can anyone see any major or minor security flaws or concerns in this design?
> Anyone have any ideas for other commands which can only be executed by the
> owner and the admin group?
> 
> Thanks for your input!
> 
> -->Jonathan Kline<--

-- 
Adam Maloney
Systems Administrator
Internet Exposure, Inc.
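
An added example, not part of either message: a check that the partitions marked "nosetuid" in the quoted plan really carry the restriction once the box is built. Linux spells the mount option `nosuid`; the function name, device names and sample fstab below are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit fstab-format text against the partition plan above.
# Assumption: the plan's "nosetuid" maps to the Linux mount option "nosuid".

# Mount points the plan marks nosetuid.
PLAN_NOSUID="/tmp /usr/local/software /home"

# missing_nosuid (hypothetical helper): read fstab-format text on stdin and
# print each planned mount point that is absent or mounted without nosuid.
missing_nosuid() {
    awk -v want="$PLAN_NOSUID" '
        /^[ \t]*#/ || NF < 4 { next }      # skip comments and short lines
        {
            n = split($4, opts, ",")       # field 4 is the option list
            has = 0
            for (i = 1; i <= n; i++) if (opts[i] == "nosuid") has = 1
            seen[$2] = has ? "ok" : "bad"  # field 2 is the mount point
        }
        END {
            m = split(want, mp, " ")
            for (i = 1; i <= m; i++)
                if (seen[mp[i]] != "ok") print mp[i]
        }'
}

# Constructed sample input (device names are placeholders, not from the post).
SAMPLE_FSTAB='# device   mountpoint            type  options          dump pass
/dev/hda1  /                     ext2  defaults         1 1
/dev/hda5  /tmp                  ext2  defaults,nosuid  1 2
/dev/hda6  /var/log              ext2  defaults         1 2
/dev/hda7  /usr/local/software   ext2  defaults         1 2
/dev/hda8  /home                 ext2  nosuid,nodev     1 2'

# On a real host: missing_nosuid < /etc/fstab
printf '%s\n' "$SAMPLE_FSTAB" | missing_nosuid
```

Because /proc/mounts uses the same first four fields, `missing_nosuid < /proc/mounts` reports what is in effect right now rather than what fstab intends.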