Robert Dege rdege at cse.Buffalo.EDU
Mon Apr 9 12:51:12 EDT 2001

I have had recent experience with all 3.

	ipchains -- for controlling access in & out of your system
	tripwire -- Detecting File System alterations
	nmap -- used to make your box "less" detectible from the outside
	format -- cleaning up after a breach :)

Another thing that would be cool to go over would be FrameBuffer
Devices.... for the console at least.  I have found the most benefit using
it through console, offering high resolution & such.  You get really
cool results with minimal work (minus kernel compiling).


> 1) Protection from intrusion (per machine and site wide)
> 2) Intrusion detection
> 3) Clean up after a breach
> I have some ideas on item 1, have little experience with item 2 and have never
> had to do item 3.  Is there anyone in the group (or maybe several of us) that
> could put together some good, sensible information on this stuff?  I remember
> that there was a discussion some time ago about whether no security measure is
> too much versus an assessed risk/cost approach is better.
> I think that we could go a long way towards helping our fellow Linux admins
> (and Unix in general) by trying to generate a list of things to do and what not
> to do in a security conscious environment.
> Anybody have comments/information/(complaints about my use of parenthetical
> phrases :-)?
> Cheers!
> Bob Meyer
> =====
> Bob Meyer
> Knightwing Communications, Inc.
> 36 Cayuga Blvd
> Depew, NY 14043
> Phone: 716-308-8931 or 716-681-0076
> Meyer_RM at
> __________________________________________________
> Do You Yahoo!?
> Get email at your own domain with Yahoo! Mail.


To be intoxicated is to feel sophisticated but not be able to say it.

More information about the nflug mailing list