[cobalt-users] Fresh Box
- Subject: [cobalt-users] Fresh Box
- From: "Carrie Bartkowiak" <ravencarrie@xxxxxxxx>
- Date: Mon Apr 23 16:53:01 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

Y'all would be proud of me.

I rented a new RaQ4 today, and set about determined to do all of this
stuff myself... basically to see if I *could* do it at this point. :)

First I turned off everything that I didn't need - DNS wasn't on yet,
so basically I just turned off everything else but telnet and email.

Then I changed root's password.

The box came (amazingly enough) with all but the latest 3
updates/patches installed, and pop-before-smtp. I was pleasantly
surprised. Got the patches up to date and put in pop-before-smtp.

I installed openSSH2 and disabled telnet.

Installed portsentry, logcheck, tripwire, lcap, chkrootkit, and
ipchains (not in that order. ipchains went in first.). Got it all
running, too. Just have to get to where I actually understand how to
work ipchains; I'm getting there VERY slowly. Rodolfo's helping. :)

I turned off IMAP, and killed the activemonitor's yelling thanks to
Shimi's post in the security list.

Installed MySQL 3.23, and Webalizer - making sure, of course, that I
changed the webalizer script so that it would chown to nobody so I
wouldn't have FrontPage jumping down my throat. Changed the default
password for MySQL.

I did a whole bunch of my own little tweaks to webalizer.conf,
srm.conf, access.conf, proftpd.conf and httpd.conf to get things the
way I like them.

I got all of this stuff installed and working on my own! A couple of
months ago I paid Zeffie to do most of this stuff for me because it
got me so lost!

I'm a pretty happy camper at the moment. Can ya tell?

Even better, every step that I took, I put into a file. When I get
finished tweaking ipchains I'll try to put that knowledge into the
file as well and then I'll post it to the list.

I'm wondering now if I should tackle snort - or should
ipchains/portsentry/logcheck/tripwire/lcap/chkrootkit be enough?

I'm also wondering if I should update BIND any further. On the
security list there's a new local exploit going 'round but no patch
out for the RaQ4 yet. Anyone have any info on the latest version of
BIND, where's the best place to get it, and does it run smoothly on a
RaQ4?

Thanks to all of YOU - couldn't have done this a few months ago. Your
help and knowledge have been invaluable!

*big stupid goofy grin*

CarrieB - heading for the couch now