[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: more aesthetic /etc/issue

>>>>> "Marcus" == Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de> writes:

    Marcus> Hi, On Sun, Mar 21, 1999 at 09:58:24AM -0600, Andrew G
    Marcus> . Feinberg wrote:
    >> When my /etc/issue(.net) proudly proclaimed that I ran Linux,
    >> people would always try the latest DoS and whatnot upon me. I
    >> believe there was a phrack article on this issue...system
    >> security should always be a priority for Debian, and the first
    >> thing someone sees when they telnet to your machine can be a
    >> security asset or a nightmare.

    Marcus> please note that this is a false sense of security.

Aye! 'Security through obscurity' is not an option. Better not to do anything
at all then...

    Marcus> Never rely on false sense of security. Better keep an eye
    Marcus> open, your machine up to date, and always close all
    Marcus> services you don't need or use.

Go through /etc/inetd.conf and coment out everyting is one of the first
thing i do (I only have talk/ntalk/smtp/imap2/bootps/tftp open, with very
restricted /etc/hosts.allow rules, with 'ALL: ALL' in /etc/hosts.deny).

I make sure  that as few daemons is run on the machine, and put appropriate
firewall entries, to block stuff only meant for my internal net (eth1) to
go out on eth0...

-- 
Clinton SEAL Team 6 supercomputer Khaddafi Ft. Bragg security
ammunition Ft. Meade AK-47 Albanian World Trade Center Soviet Honduras
North Korea genetic
Reply to: