Focus on Linux Mode:
(Page 17 of 57)  < Prev  12 13 14 15 16 17 18 19 20 21 22  Next >
Securing Fedora Core 4 2005-09-21
AragonX (aragonx dcsnow com)
I am trying develop a method to secure my servers. I'll list the steps I
am going to take. Can you please review and make any additional
suggestions. Thank you.

Install & configure Tripwire http://sourceforge.net/projects/tripwire/
Install & configure Snort http://www.snort.org/
Install & config

[ more ]  [ reply ]
Re: Re: Linux hardening 2005-09-15
chiraeep chhaya gmail com
All,
In addition to your wonderful suggestions, I would like to point out one more item that must be performed when hardening a Linux, or any other, system - and that is specifically hardening the TCP/IP stack.
Although this step may sound unwanted or marginal, it can save you a lot of headaches si

[ more ]  [ reply ]
scanning for windows spywear with linux 2005-09-05
Mailing List (maillist freedomsoftware co uk) (2 replies)
Can anyone recommend any tools which will allow me scan for spywear on
windows drives/partitions/shares etc?

What I'm thinking of is having a linux live cd which I can boot then use
clam-av to scan for viruses and some other app which will scan for
spywear.

Thanks

[ more ]  [ reply ]
Re: scanning for windows spywear with linux 2005-09-14
Maik Holtkamp (holtkamp medical-city de)
Re: scanning for windows spywear with linux 2005-09-07
Stephen J. Smoogen (smooge gmail com)
Re: Xvfb Question 2005-08-29
Leandro Meiners (lmeiners cybsec com)
basically because I tried the aplication using -nolisten tcp in Xvfb and
it didn't work and I haven't got the source...

On Fri, 2005-08-26 at 22:38 +0100, Glynn Clements wrote:
> Leandro Meiners wrote:
>
> > I'm trying to configure Xvfb to listen ONLY on the loopback address, but
> > I haven't fo

[ more ]  [ reply ]
Re: Linux hardening 2005-08-27
Pär Johansson (par johansson gmail com)
On 8/26/05, Eduardo Tongson <propolice (at) gmail (dot) com [email concealed]> wrote:
> If you really want to harden linux, by all means use PaX+Grsecurity+SSP.
> PaX is better and mature than Redhat's execshield.. or OpenBSD's stackgap/w^x
> But don't take my word for it <http://pax.grsecurity.net/docs/index.html>

There's a a

[ more ]  [ reply ]
Re: Linux hardening 2005-08-25
paavan shah (paavan shah gmail com) (1 replies)
> Many people have recommended mounting /tmp and /var/tmp noexec. This is a good
> idea but keep in mind that it is easy to execute commands even on a noexec
> filesystem (using the ld-linux library). So don't be surprised if some
> slighly clever attacker is running a binary from that location.
>

[ more ]  [ reply ]
Re: Linux hardening 2005-08-25
AragonX (aragonx dcsnow com)
Re: Linux hardening 2005-08-24
Jon Hart (warchild spoofed org) (1 replies)
On Wed, Aug 24, 2005 at 01:11:58AM -0400, Craig Holmes wrote:
> On Sunday 21 August 2005 08:13, AragonX wrote:
> > I'm looking for more preventative measures.  It appears that LIDS and
> > mod_security are the only ones in that role now.
> I recommend tuning php and disabling commands like system an

[ more ]  [ reply ]
Re: Linux hardening 2005-08-26
Eduardo Tongson (propolice gmail com)
Re: SMB : TCP/445 impossible to sniff a document sent to be printed to a MS Spooler Server 2005-08-25
no_spam me com
Hi,

Nothing to prove, it's already unencrypted :)

You can sniff the print job at two places:

or between PC->print_server on TCP/445
(RAW which is PS/TXT/PCL/ blabla or EMF in this case)

or between Print_server->Printer on TCP/515 (LPR) or TCP/9100(Raw printer)
(PS/TXT/PCL/HPGL/GDI/device depe

[ more ]  [ reply ]
RE: linux password cracking tools 2005-08-24
Gusain, Subodh (subodh gusain hp com)
Paul,

The failed attempt locking mechanism that you mentioned can be implemented with PAM modules.

See: http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam.html
And checkout
http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam-6.html#ss6.3

Or some creative shell scripting tied in

[ more ]  [ reply ]
Xvfb Question 2005-08-23
Leandro Meiners (lmeiners cybsec com) (1 replies)
Hi List!

I'm trying to configure Xvfb to listen ONLY on the loopback address, but
I haven't found a way to do so.
Does anybody know how? Any help appreciated.

regards,

Leandro

[ more ]  [ reply ]
Re: Xvfb Question 2005-08-26
Glynn Clements (glynn gclements plus com)
Re: Linux hardening 2005-08-23
Sean Finkel (lists protollix com)
paavan shah wrote:

>On 8/22/05, AragonX <aragonx (at) dcsnow (dot) com [email concealed]> wrote:
>
>
>><quote who="Sean Finkel">
>>
>>
>>>I would recommend also securing /tmp (and /var/tmp). Mounting it noexec
>>>and nosuid is a good step to take. As well, I modified my local wget and
>>>curl programs to *not* download t

[ more ]  [ reply ]
RE: linux password cracking tools 2005-08-24
Paul Aviles (paviles adjoined com) (3 replies)
Is there a way to lock passwords for lets say 5 minutes after so many bad attempts and for them to reset automatically after certain period? We do this under Windows and Netware and your email just made me wonder under linux. Just curious if possible or any tips.

Regards,

-pa

-----Original Messag

[ more ]  [ reply ]
Re: linux password cracking tools 2005-08-24
Tom Servo (xtomservox gmail com)
RE: linux password cracking tools 2005-08-24
Kaveh Razavi (c0d3rz_team yahoo com)
RE: linux password cracking tools 2005-08-24
bernie e-mich com
POC /dev/input/event* keylogger 2005-08-24
ebell bluebottle com
/** POC event interface key logger
*
* Records all keystrokes from the event
* devices in /dev/input/
*
* The event interface must be enabled and
* the keyboard must be in raw scancode
* mode, which from testing seems to be the norm
*
* Eddie Bell - ebell (at) bluebottle (dot) com [email concealed]
*
*/

[ more ]  [ reply ]
Cracking bigcrypt/crypt16 password hashes 2005-08-23
Stephen Cartwright (034710 gmail com)
In order to test the passwords on our system, I have been trying to
get John the Ripper and Crack to work with bigcrypt/crypt16. Neither
seems to have support built in for this type of hash and I can't find
anything in the doc or on the internet that has information on how to
do this. .

Does anyone

[ more ]  [ reply ]
Re: Linux hardening 2005-08-23
Norwich University - Information Security (infosec norwich edu) (2 replies)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Since we're talking about Linux hardening...

What do folks suggest as far as files that should be monitored with
integrity checking tools? Obviously, tmp files and other frequently
changed files are out of the question, and it is also impractical to d

[ more ]  [ reply ]
Re: Linux hardening 2005-08-26
Glynn Clements (glynn gclements plus com)
Re: Linux hardening 2005-08-24
Jayson Anderson (sonick sonick com)
(Page 17 of 57)  < Prev  12 13 14 15 16 17 18 19 20 21 22  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus