SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi, i'm pretty new to linux, but have been working at it and setting up Slackware. I've used Ubuntu in the past, and quite frankley, used it the way it comes, and assumed it was safe. What things should i do to secure Slackware. Anything special?
Second action is to update when required or when advised by the security mailing-list:
To do this,install slackpkg http://www.slackpkg.org/stable/ for recent stable releases.
*Then uncomment (remove the # ) from a mirror for your slackware-version in /etc/slackpkg/mirrors, then run as root:
There are also probably additional steps you could take depending upon how you use the machine. For example, if you're planning on using this as a server connected to the Internet 24/7, I'd be very tempted to install a file integrity checker like Aide, Samhain, Osiris or Tripwire. Depending on what services you're exposing there may be additional hardening steps you could take.
There are other Slackware repositories of packages out there, but, I do not use them. Robby and Eric are Slackware developers. Their packages are completely trustworthy.
Thanks guys, it seems to be simpler than i thought. it's a laptop, and i'm just using it for personal use, not a server. Thanks guys. I'm not going to mark this solved incase anyone has anything else to add
I tried the link but it asks what type of internet connection i use. I use mobile broadband, what do i put in that box?
Quote:
Originally Posted by dh2k
Then uncomment (remove the # ) from a mirror for your slackware-version in /etc/slackpkg/mirrors, then run as root:
[code]
I did this for the Australian mirror, but i got an error. i first tried the http, but when that didn't work i tried the ftp, but that didn't work either. I'm pretty sure i'm doing it right, and that there's something wrong with the mirror. Can someone confirm the Australian mirror is/isn't working, or provide an alternative Australiain mirror?
root@slackware13:/etc/slackpkg# slackpkg update
Updating the package lists...
Downloading...
Downloading http://mirror.pacific.net.au/linux/slackware/slackware-13.0/ChangeLog.txt...
--2011-07-07 09:16:19-- http://mirror.pacific.net.au/linux/slackware/slackware-13.0/ChangeLog.txt
Resolving mirror.pacific.net.au... failed: Name or service not known.
wget: unable to resolve host address `mirror.pacific.net.au'
Error downloading from http://mirror.pacific.net.au/linux/slackware/slackware-13.0/.
Please, check your mirror and try again.
root@slackware13:/etc/slackpkg#
Remove the executable bit on the service scripts. If you run ls -l /etc/rc.d you'll see something like this:
Code:
-rwxr-xr-x 1 root root 572 Dec 18 2010 rc.consolekit
-rw-r--r-- 1 root root 4.3K Jan 21 22:23 rc.cups
-rw-r--r-- 1 root root 512 Mar 15 23:33 rc.dnsmasq
-rwxr-xr-x 1 root root 22K Jun 10 11:05 rc.firewall
-rwxr-xr-x 1 root root 132 Jun 27 14:37 rc.font
In the first column you see the file permissions, r - read, w - write, x - executable. In this case rc.cups and rc.dnsmasq don't have the executable bit, so that means I'm not running those services. The others have the bit set, so they're executed at startup. If you want to prevent a service being executed at startup, remove the executable bit with chmod:
Code:
chmod -x /etc/rc.d/rc.font
And to enable a service, type:
Code:
chmod +x /etc/rc.d/rc.font
Quote:
Originally Posted by Knightron
I tried the link but it asks what type of internet connection i use. I use mobile broadband, what do i put in that box?
You mean the one that says "Select Type of Internet Address"? If so, most probably you're using "Dynamic Internet IP Address". Click on the "Help" link next to the option for information.
Quote:
Originally Posted by Knightron
Can someone confirm the Australian mirror is/isn't working, or provide an alternative Australiain mirror?
I can't reach it either. But I suppose you can use any other mirror close to your location.
I can confirm that mirror.pacific.net.au has been down for a long time. I do not believe that it is coming back. In my unsuccessful search to find the last post I saw on http://forums.whirlpool.net.au/ (where the sysadmin reported that the server had gone down), I came across this as a possible replacement. http://ftp.iinet.net.au/pub/slackware/
I have not tried this, but will certainly be doing so in the future.
On the security question, if you use secure shell (the sshd daemon), then disable root logins. The LQ Security forum has had some unhappy threads recently where the likely point of entry leading to the server being pwned was an attack on the ssh root password.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.