[ale] Cracked many Linux systems

Fletch fletch at phydeaux.org
Wed Mar 28 10:11:09 EST 2001 

>>>>> "Jonathan" == Jonathan Rickman <infosec at alltel.net> writes:

[...]

    Jonathan> <RANT> At the present time, anyone who places a stock RH
[...]
    Jonathan> Linux. This trend has to stop...  </RANT>

        Wow. :)

    Jonathan> If anyone out there in ALE land has a question related
    Jonathan> to security, please do not be afraid to ask. I am
    Jonathan> willing to help any home user or non-profit org who
    Jonathan> asks, and I'm fairly certain that if I can't answer your
    Jonathan> questions...someone on this list can.

        Building Linux and OpenBSD Firewalls

        http://www.amazon.com/exec/obidos/ASIN/0471353663
        http://www.bookpool.com/.x/tnqkwknkb1/sm/0471353663

        Explains all about how to setup a `block everything except
what I explicitly open' firewall using ipchains.

    Jonathan> <MINIRANT> It wouldn't hurt if the vendors started
    Jonathan> locking down their distros by default either.
    Jonathan> </MINIRANT>

    <FLAMEBAIT MODE="OS Zealot" SEVERITY="humorous">
        From http://openbsd.org: Three years without a remote hole in
        the default install!

        /me reconsiders wiping his franken-upgraded RH6.0 firewall and 
        replacing it with OpenBSD
    </FLAMEBAIT>

        :)

        Seriously though, if you don't have a firewall but you've got
a really old 3- or 486 with a small drive that a recent RH distro or
the like can't fit on (a bare install with no compiler will fit in
under 70M, with compilers in under 100M) consider giving OpenBSD a
try.  I've been playing with it for about 6 months now and really like
it (but then again I cut my teeth on SunOS 4.1.x way back when).  Out
of the box, there's less to lock up with OpenBSD than with most
Linuxen (although I understand that Debian isn't too bad as far as
having gaping holes open).

-- 
Fletch                | "If you find my answers frightening,       __`'/|
fletch at phydeaux.org   |  Vincent, you should cease askin'          \ o.O'
770 933-0600 x211(w)  |  scary questions." -- Jules                =(___)=
                      |                                               U
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.

More information about the Ale mailing list