[lug] Interesting Crash Report

Jarosko, Bill Bill_Jarosko at adc.com
Wed Mar 21 13:22:01 MST 2001 

UUGH... reboots, mentioned here ....uuugh... just restart inetd....

> -----Original Message-----
> From: Brad Doctor [mailto:bdoctor at ps-ax.com]
> Sent: Wednesday, March 21, 2001 3:23 PM
> To: lug at lug.boulder.co.us
> Subject: Re: [lug] Interesting Crash Report
> 
> 
> Two tools may be of interest to you:
> 
> gnorpm -- Graphical RPM manager, can add, remove, query, etc.
> 
> control-panel -- Graphical system config utility, including 
> removing items from
> startup.  Runlevel 3 is what you are interested in if your 
> system boots to
> the command prompt (and you then login, and "startx"), 
> runlevel 5 is what you
> want if you boot directly to XDM / some other graphical X 
> login screen.  I
> would do both if you are not sure.  
> 
> The easiest thing is to restart your machine after you have 
> disabled your
> services, just to be sure -- control-panel will only remove them.
> 
> As an example, I only run the following on my workstation:
> 
> S10network (init.d/network)
> S12syslog  (init.d/syslog)
> S20random  (init.d/random)
> S35identd  (init.d/identd)
> S55sshd    (init.d/sshd)
> S90crond   (init.d/crond)
> S90xfs     (init.d/xfs)
> S99snmpd   (init.d/snmpd)
> 
> If you are brave, don't run anything you are not familiar 
> with.  Otherwise, 
> be absolutely certain you know what each service does, and 
> what it requires
> to be secure when running (patches, configs, etc.).  As a 
> general rule, don't
> run anything you don't need.  Less system overhead, lower chance of
> compromise.  A workstation needs very little to operate 
> properly.  In my
> list, the only *required* elements are network,xfs.  The rest 
> are optional
> in terms of system functionality. (yes, you can run without syslog)
> 
> Also, the required elements are basic to my needs -- not the 
> system, if you
> don't need an interface and networking :)
> 
> -brad
> 
> 
> > 
> > First, thank you Scott and D. Stimits for confirming my 
> fears and also
> > for the advice.  I failed all those tests, except lsof, 
> which appears
> > not to be on my machine; what/where is it?  I have re-installed 6.2,
> > changed my password, killed rpc.statd (how do I disable it, please),
> > and renamed nfslock.  I hope to be safe for another ten 
> minutes or so.
> > 
> > I have studiously avoided security issues until now because I have
> > plenty of other things to do with my time and I know that a good
> > number of hours will be consumed by it.  I have trusted in a quick
> > connect and disconnect policy for my security.  This has 
> worked quite
> > well really: I was caught when I started surfing a little.  
> However, I
> > suppose the hour cometh, so I have more questions.
> > 
> > What I should like to do is have a two or three machine 
> local network
> > in the house connected to the outside world via the 
> television cable;
> > the latter for speed and to avoid preventing use of the telephone.
> > The local network must accomodate MS NT etc. as well as Linux.  I
> > assume that this is a very common setup.  Is that true?  Is it a
> > sensible way to go?  Is there something better, and why is 
> it better?
> > Do I tie myself to AT&T, or can I use my present ISP, etc?
> > 
> > I should like to understand what I am doing, rather than 
> simply follow
> > a procedure.  Although, in truth, that is only because I know that I
> > shall have to fiddle with it later.  So, a question is: where do I
> > read about what to do?  What is the best starting point; 
> HOWTOs, buy a
> > book (which one), BLUG archives, or what?
> > 
> > I have read the term ipchains many times; are they part of a good
> > technique?  What about tummy's isinglass?  I have heard 
> that a router
> > is a good security device; and I have heard that a router is a bad
> > security device.  How secure is RedHat 7.1?
> > 
> > Yours in ignorance, but hopeful.
> > dajo
> > _______________________________________________
> > Web Page:  http://lug.boulder.co.us
> > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > 
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>

More information about the LUG mailing list