rdege at cse.Buffalo.EDU
Mon Apr 9 12:51:12 EDT 2001
I have had recent experience with all 3.
ipchains -- for controlling access in & out of your system
tripwire -- Detecting File System alterations
nmap -- used to make your box "less" detectable from the outside
format -- cleaning up after a breach :)
Another thing that would be cool to go over would be FrameBuffer
Devices.... for the console at least. I have found the most benefit using
it through console, offering high resolution & such. You get really
cool results with minimal work (minus kernel compiling).
> 1) Protection from intrusion (per machine and site wide)
> 2) Intrusion detection
> 3) Clean up after a breach
> I have some ideas on item 1, have little experience with item 2 and have never
> had to do item 3. Is there anyone in the group (or maybe several of us) that
> could put together some good, sensible information on this stuff? I remember
> that there was a discussion some time ago about whether no security measure is
> too much versus an assessed risk/cost approach is better.
> I think that we could go a long way towards helping our fellow Linux admins
> (and Unix in general) by trying to generate a list of things to do and what not
> to do in a security conscious environment.
> Anybody have comments/information/(complaints about my use of parenthetical
> phrases :-)?
> Bob Meyer
> Knightwing Communications, Inc.
> 36 Cayuga Blvd
> Depew, NY 14043
> Phone: 716-308-8931 or 716-681-0076
> Meyer_RM at Yahoo.com
To be intoxicated is to feel sophisticated but not be able to say it.