Security Basics: Re: Linux auditing checklist, documents

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Basics mailing list archives

Re: Linux auditing checklist, documents

From: jm <jm () hcn com au>
Date: Wed, 20 Dec 2006 10:50:51 +1100

Gurpreet Singh wrote:

<snip>
Don't let system issue file to be displayedYou should not display your system issue file when people log in remotely. To do this, you canchange the telnet option in your "/etc/inetd.conf".
To do this change the line in "/etc/inetd.conf":

telnet  stream  tcp     nowait  root    /usr/sbin/tcpd  in.telnetd
to look like:
telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd -hAdding the "-h" flag on the end will cause the daemon to not display any
system information and  just hit the user with a login: prompt.  I will
recommend to use sshd instead.
<snip>

I find it ironic that in a discussion regarding linux security youmention having telnetd enabled. These days I'm sure most (all?) distro'sship with telnetd disabled, and IMHO that's the way it should stay.

By Date By Thread

Current thread:

Linux auditing checklist, documents urandom character special device (Dec 18)
- Re: Linux auditing checklist, documents Saqib Ali (Dec 19)
- RE: Linux auditing checklist, documents Clement Dupuis (Dec 19)
  - RE: Linux auditing checklist, documents Simmons, James (Dec 21)
- RE: Linux auditing checklist, documents Gurpreet Singh (Dec 19)
  - Re: Linux auditing checklist, documents jm (Dec 21)
- Re: Linux auditing checklist, documents Devdas Bhagat (Dec 19)
- <Possible follow-ups>
- RE: Linux auditing checklist, documents Hayes, Bill (Dec 19)
- Re: Linux auditing checklist, documents barcajax (Dec 19)
- RE: Linux auditing checklist, documents Gurpreet Singh (Dec 21)
- Re: Linux auditing checklist, documents jsimmons (Dec 21)