1. Good work to secure your ftpd usage!
Now. Start up your ftpd. Log in. Now issue "ls */../*/../*/../*/../*/../*/../*/../*/../*/../*/../*" w/o quotes. If you're on 1.2.1, any rc, but I guess rc3 definately, your ftpd will have a mental breakdown due to globbing. Gotta upgrade.
A lot of daemons can be configured to "step down", they will use the root account to bind themselves to a privileged port below 1024, and then transfer themselves to their own less privileged account, like sendmail for instance uses the mail account. If you want to play it safer, look into that. You could also use chroot or jail to place the service in a "sandbox" type of environment where it would behave shielded off from the rest of the box. mind you, this isnt unbreakable.
2. kernel version is either tru "uname", or "cat /proc/version".
I know theres a script outthere thats sposed to convert ipchains scripts to iptables, but to understand it thouroughly I guess I better go tru the conversion manually using the iptables howto at
http://people.unix-fu.org/andreasson/index.html.
If you look in /etc/rc.d/init.d you'll see the SYSV script to start iptables. To start either change the links manuallly in your runlevel, using tksysv or linuxconf.
3. Dont be sorry. In many disciplines/trades/fields Im a newbie too. I mean, my understanding of Nucleic acids and neurotransmitters like L-dopamine is almost nill, my access pass for the Death Star never came tru (hell, I only needed *one* lousy shot), and operating a Comanche seems to be different from what Novalogic tries to teach me :-]
You'll need to find "startx" which I spose is in /usr/X11/bin and change the startup parameters, or change the parameters in the script that supplies parameters to startx, which will be under /etc/X11/(xdm/?)
Ok, you want resources so you dont have to post, but remember asking here not only benefits you, but everyone else that reads these posts.
Ive compiled my list of references a while ago, so theres lotsa stuff inhere you might not be interested in at this point, maybe later on, HTH:
Basic references:
- AUSCERT UNIX Computer Security Checklist (Version 1.1)
www.cert.org/tech_tips/AUSCERT_checklist1.1
- Steps for Recovering from a UNIX or NT System Compromise
www.cert.org/tech_tips/root_compromise.html
In fact read the whole of
http://www.cert.org/tech_tips/
- The CIT Computer Security Handbook:
www.cit.nih.gov/security/handbook.html
- Aging stuff from Phrack, good to read back to be sure, like "Unix System Security Issues"
www.fc.net/phrack/files/p18/p18-7.html
- SEI stuff like
www.sei.cmu.edu/publications/lists.html handling IDS
- Intrusion Detection and Network Auditing on the Internet
www.infosyssec.net/infosyssec/intdet1.htm
Top it off with some reading material on security:
- Security tips:
www.cert.org/tech_tips/ and
www.cert.org/security-improvement/, http://www.securityportal.com/resear...xsecurity.html
- Top ten vulnerabilities:
www.sans.org/topten.htm and
http://www.cert.org/present/cert-ove...ends/index.htm
- Firewalling:
www.infosyssec.net/infosyssec/firew1.htm, www.linux-firewall-tools.com/linux/
- Securing Xwindows:
http://www.uwsg.indiana.edu/usail/ex...d/xsecure.html
Basic Linux references:
http://www.sans.org/infosecFAQ/linux/linux_list.htm
- the LASG or Linux Administrators Security Guide (linuxdoc.org)
- Securing Optimizing Linux RH Edition(1)
*Linuxsecurity.com have a Quickreference pdf card.
Post-Installation Security Procedures (Linuxjournal)
- The Linux-PAM System Administrators' Guide
- A Short Course on Systems Administration and Security Under Unix(1)
- Basics on firewalling:
www.linuxdoc.org/HOWTO/Firewall-HOWTO.html
- Basic introduction to building ipchains rules:
www.linuxdoc.org/HOWTO/IPCHAINS-HOWTO.html
- Explanation of the Ipchains logformat: logi.cc/linux/ipchains-log-format.php3
- Ipchains log decoder: dsl081-056-052.dsl-isp.net/dmn/decoder/decode.php
- The Iptables HOW-TO:
http://people.unix-fu.org/andreasson/index.html
Some allround knowledge/mailinglist sites
Neohapsis archives:
http://www.neohapsis.com
Linux Gazette:
http://www.linuxgazette.com
Experts exchange:
http://www.experts-exchange.com
Or, if ure just cruisin for links, try n read something else, search/visit these places/ppl that mean something: Sans, cert, auscert, lance spitz, dugsong, loki, robert graham, dave dittrich, wietse venema, fyodor, mixter, monark to name but a few.
Also note O'Reilly has a myriad of books which, unfortunately for them, can also be found online, just search for "O'reilly and bookshelf", "o'reilly reference bookshelf" or "o'reilly cd bookshelf".