Re: Linux security issues?

Zygo Blaxell (zblaxell@tenchi.myrus.com)
26 Jan 1997 05:12:07 -0500


In article <Pine.LNX.3.95.970125225804.30138A-100000@gateway.saturn.tlug.org>,
Mike Frisch <mfrisch@saturn.tlug.org> wrote:
>I am planning on putting a Linux box on the 'net for a web/ftp site. Are
>there any security issues which should be addressed on RedHat 4.0? I am
>running a fairly stock configuration, but have applied the latest wu-ftpd
>to fix an alleged security hole.
>
>(This machine also runs email/news for my home office LAN)

The fairly stock configuration for 4.0 has a number of known problems.

Subscribe to and read mailing lists and newsgroups related to security.
There's a big list of them at

http://www.iss.net/sec_info/maillist.html

Any known security problems have probably already been discussed on
these groups. Check

ftp://ftp.redhat.com/pub/redhat/redhat-4.0/updates/00README.errata

frequently for security-related package updates. Be prepared to update
major security holes ^W^W utilities like sendmail on 24 hours notice.

Of course, the worst problems are the ones that nobody has found yet.
Don't install *anything* that on an Internet-connected machine that is not
*necessary* for what that machine is going to do; you'll be glad you didn't
when the next security hole is discovered in software you aren't running.
This is especially important with distributions like RedHat, which
usually installs packages with less than minimal external access enabled.

-- 
Zygo Blaxell. Unix/soft/hardware/firewall/security guru. 10th place, ACM Intl 
Prog Contest, 1995. Admin Linux+Solaris for food, Tshirts, anime. Pager: 1613
7608572. "I gave up $1000 to avoid working on windoze... *sigh*"-Amy Fong. "smb
is a microsoft toy, like a "child" protocol that never matured"-S Boisjoli.