Security Basics mailing list archives
Re: no daemons listening and errata updates (secure or not?)
From: tony barry <tony () no-bull co nz>
Date: Tue, 01 Aug 2006 07:50:42 +1200
I assume as you are applying updates that you are using Fedora Core 5. Just check that the firewall and SELinux are enabled, System / Administration / Security Level and Firewall.

On Fri, 2006-07-28 at 22:51 +0800, Michael Boman wrote:
> On 7/28/06, sun sadm <sunsadm () gmail com> wrote:
>> Hi colleague
>>
>> I am using Fedora Core as workstation. To lock down the OS, I disable all network daemons: only dhclient is listening for network connections. Furthermore I regularly update my installation using yum. All other settings are out-of-the-box from Red Hat.
>>
>> Is my simple setup secure to be connected directly to the Internet? Does an attacker have a chance to break my workstation? How high is the risk? What can I do to improve the security? How would you break into my system? Please show me vulnerabilities in my setup.
>>
>> Nico
>
> There is always a risk of being compromised, but you are making good progress. I would put up an iptables firewall to make sure that no errant network service accidentally being enabled would compromise your security (you could investigate blocking outbound traffic too, if you are really paranoid). The rest is basically behavior: only run software that comes from good sources, beware of strangers, etc.
>
> If there is no service to break into (and there is no nasty kernel bug you can exploit), the only way to get into your system would be tricking you to open it up in one way or another (browser/email client/other software you use exploits, get you to install trojaned software, etc.).
>
> Best regards
> Michael Boman
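
A check for the condition discussed in this thread (nothing but dhclient holding a network socket), as an added example that is not part of the original posts. It parses output in the format of `ss -H -tulnp`; the allowlist, the function names and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag network-reachable sockets not owned by an allowlisted
# process. Input is the output format of `ss -H -tulnp` (run as root so the
# process column is populated).

ALLOWED="dhclient"   # assumption: the only process expected to hold a socket

# Constructed sample input, not captured from a real host.
sample_ss_output() {
    cat <<'EOF'
udp   UNCONN 0 0     0.0.0.0:68    0.0.0.0:*  users:(("dhclient",pid=812,fd=6))
tcp   LISTEN 0 128   0.0.0.0:22    0.0.0.0:*  users:(("sshd",pid=900,fd=3))
tcp   LISTEN 0 128   127.0.0.1:631 0.0.0.0:*  users:(("cupsd",pid=950,fd=7))
tcp   LISTEN 0 128   [::]:111      [::]:*     users:(("portmap",pid=700,fd=4))
EOF
}

# Reads ss output on stdin; prints "proto local-address process" for every
# socket that is not loopback-only and not owned by an allowed process.
unexpected_listeners() {
    awk -v allowed="$ALLOWED" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    {
        proto = $1; addr = $5
        # Loopback-bound sockets cannot be reached from the network.
        if (addr ~ /^127\./ || addr ~ /^\[::1\]/) next
        # Process name is the first quoted string in users:(("name",...)).
        # Without root the column is missing and the socket is reported
        # as "unknown" rather than silently passed.
        proc = "unknown"
        if (match($0, /\(\("[^"]+"/)) proc = substr($0, RSTART + 3, RLENGTH - 4)
        if (!(proc in ok)) print proto, addr, proc
    }'
}

# Demonstration on the constructed sample. On a live system, use instead:
#   ss -H -tulnp | unexpected_listeners
sample_ss_output | unexpected_listeners
```

Any line it prints is a service that the default-deny inbound firewall suggested in the reply would need to cover until the service is disabled.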