Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: a secure base system
From: Nico Golde <nion () gmx net>
Date: Mon, 15 Mar 2004 15:57:20 +0100

Hallo harry,

* harry <Rik.Bobbaers () cc kuleuven ac be> [2004-03-15 15:14]:
- use debian testing (stable is too old, unstable is ... well... you 
know ;))

yes, unstable works well :)
with testing your system isn't secure.

- maybe allow ssh (no root logins)?

you can use ssh. a remote root shell have to be forbidden.

==> is this ok, too paranoia or is there somenting i'm missing, and 
cound it be even more safe?

iptables
 
how about a compiler? normally, all soft on it is compiled by hand, but 
it is also "necessary" for a local exploit.

any ideas? remarks?

i don't understand the question.
regards nico
-- 
Nico Golde                | nico () ngolde de      | 310777820 () ICQ | nion () gmx net
http://www.ngolde.de      | GnuPG Key: http://www.ngolde.de/gpg/nico_golde.gpg
Fingerprint               | FF46 E565 5CC1 E2E5 3F69  C739 1D87 E549 7364 7CFF 
echo             "[q]sa[ln0=aln256%Pln256/snlbx]sb729901041524823122snlbxq"|dc

Attachment: _bin
Description:


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]