LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 07-18-2006, 01:10 PM   #1
Super7
Member
 
Registered: Mar 2006
Location: Oakville
Distribution: Mandrake
Posts: 37

Rep: Reputation: 15
Enough prevention?


Hello if anyone read my other post I got rootkit'd. So I read the posts ppl left me and all the different packages that are out there to save me from this fate again. So here is what I have/having installed and configured and I want to know if I left any gaps.

-Firewall
Shorewall

-Kernel watching and protection
Bastille
Chkrootkit

-Logfile watcher
Tenshi

-Network intrusion detection
Snort

-File integrity checker
Aide

-Locking down configs

sshd (no root logins)
apache (lockdown PHP) would chrooting the htmlroot work, or would it just break apache?
tcp wrappers (Can snort create a list for me to deny?)
Mysql (created strong root password pass phrase, blocked in firewall, and disabled network options, works localhost only)

Is there anything large that I missed? Anything else I can read about and learn to see if it fits my system.

Thanks

Last edited by Super7; 07-18-2006 at 01:27 PM.
 
Old 07-18-2006, 01:37 PM   #2
Vgui
Member
 
Registered: Apr 2005
Location: Canada
Distribution: Slackware
Posts: 496

Rep: Reputation: 31
I would try to set up keys for ssh, instead of just disallowing root login and using complex passwords. I mean _technically_ it is very unlikely to get ssh hacked with a 10+ character password, but with keys in place I really don't see how anyone could get in (they don't even get to the login without the correct private key).
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
intrusion prevention proxy/firewall paul_mat Linux - Security 6 04-13-2006 09:28 AM
Apache XSS prevention abhijeetudas Linux - Security 5 03-22-2005 04:37 PM
Virus prevention, in particular the jpg exploit Whiskers Linux - Security 8 10-05-2004 05:21 AM
Email spamming prevention m_sree Linux - Security 4 01-16-2003 09:54 AM
X Window Autostart Prevention Stephanie Linux - General 4 05-12-2001 02:12 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 08:29 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration