| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040315145720.GL385@ngolde.de> From: nion at gmx.net (Nico Golde) Subject: a secure base system Hallo harry, * harry <Rik.Bobbaers@...kuleuven.ac.be> [2004-03-15 15:14]: > - use debian testing (stable is too old, unstable is ... well... you > know ;)) yes, unstable works well :) with testing your system isn't secure. > - maybe allow ssh (no root logins)? you can use ssh. a remote root shell have to be forbidden. > ==> is this ok, too paranoia or is there somenting i'm missing, and > cound it be even more safe? iptables > how about a compiler? normally, all soft on it is compiled by hand, but > it is also "necessary" for a local exploit. > > any ideas? remarks? i don't understand the question. regards nico -- Nico Golde | nico@...lde.de | 310777820@ICQ | nion@....net http://www.ngolde.de | GnuPG Key: http://www.ngolde.de/gpg/nico_golde.gpg Fingerprint | FF46 E565 5CC1 E2E5 3F69 C739 1D87 E549 7364 7CFF echo "[q]sa[ln0=aln256%Pln256/snlbx]sb729901041524823122snlbxq"|dc -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040315/0176cdb3/attachment.bin
Powered by blists - more mailing lists