|
Firewall Wizards
mailing list archives
RE: Securing a Linux Firewall
From: Bruce Platt <Bruce () ei3 com>
Date: Tue, 23 Jul 2002 16:22:21 -0400
Everything on the box that you don't need is a potential way for someone to
grab control of an executable which can cause damage. Just because the
image isn't executed during init processing doesn't mean that someone can't
start it up some other way.
Fred is a belt-and-suspenders type, and it pays here.
If you don't need the executable, get rid of it. Even though it seems
harmless today. There might be an exploit tomorrow. Besides doing so gives
you the added advantage of having more available disk space :-) (OK, so I'm
showing my age).
-----Original Message-----
From: Carson Gaspar [mailto:carson () taltos org]
Sent: Tuesday, July 23, 2002 2:36 PM
To: firewall-wizards () honor icsalabs com
Subject: Re: [fw-wiz] Securing a Linux Firewall
--On Tuesday, July 23, 2002 12:07 PM -0400 Frederick M Avolio
<fred () avolio com> wrote:
Turn off everything you are certain you don't require.
Actually remove the executables, also. (remove the rpm).
OK - as someone who seems to represent the "remove the executables" camp,
can you explain your reasoning? I've never been able to understand _why_
removing files buys you anything?
(See my previous post for my strategy - castrate all priveleged binaries,
turn off all services, and turn logging to high)
--
Carson
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
 By Date 
By Thread
Current thread:
Re: Securing a Linux Firewall Kevin Steves (Jul 26)
RE: Securing a Linux Firewall Bruce Platt (Jul 23)
|
Intro
