The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]

Поиск:  Каталог документации

17. Review security.

(Sigh...) When I wrote this, this step was important but not crucial; the Internet was a friendlier place even in 1996 than it is today. Now, if your machine has Internet access, this step is utterly vital, and there are whole books devoted to getting it right; I can do nothing more here than offer a few very basic pointers:

Check file permissions and directory permissions to be sure that access is neither too restricted nor too easy. I find that Slackware tends to lean toward a more open environment than I like, so I go around changing 755's to 711's for binaries in the .../bin directories and stuff like that. Or even 700's in the .../sbin ones. Especial care is needed if you've carried over ftp, telnet or web servers; but then, if you were running those, you probably thought of that already. :)

Look at /etc/inetd.conf or /etc/xinetd.conf and make sure you're not running any Internet services you don't need to. Also go through the boot scripts in /etc/rc.d and friends for the same purpose. Check your firewall rules if your box is an Internet gateway or has Internet access.




Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру