[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Fresh Box
- Subject: Re: [cobalt-users] Fresh Box
- From: Hendrik Runte <cobalt@xxxxxxxxxx>
- Date: Mon Apr 23 17:43:05 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
am 24.04.2001 9:44 Uhr schrieb Carrie Bartkowiak unter ravencarrie@xxxxxxxx:
> Y'all would be proud of me.
> I rented a new RaQ4 today, and set about determined to do all of this
> stuff myself... basically to see if I *could* do it at this point. :)
> First I turned off everything that I didn't need - DNS wasn't on yet,
> so basically I just turned off everything else but telnet and email.
> Then I changed root's password.
> The box came (amazingly enough) with all but the latest 3
> updates/patches installed, and pop-before-smtp. I was pleasantly
> surprised. Got the patches up to date and put in pop-before-smtp.
> I installed openSSH2 and disabled telnet.
> Installed portsentry, logcheck, tripwire, lcap, chkrootkit, and
> ipchains (not in that order. ipchains went in first.). Got it all
> running, too. Just have to get to where I actually understand how to
> work ipchains; I'm getting there VERY slowly. Rodolfo's helping. :)
> I turned off IMAP, and killed the activemonitor's yelling thanks to
> Shimi's post in the security list.
> Installed MySQL 3.23, and Webalizer - making sure, of course, that I
> changed the webalizer script so that it would chown to nobody so I
> wouldn't have FrontPage jumping down my throat. Changed the default
> password for MySql.
> I did a whole bunch of my own little tweaks to webalizer.conf,
> srm.conf, access.conf, proftpd.conf and httpd.conf to get things the
> way I like them.
>
> I got all of this stuff installed and working on my own! A couple of
> months ago I paid Zeffie to do most of this stuff for me because it
> got me so lost!
> I'm a pretty happy camper at the moment. Can ya tell?
>
> Even better, every step that I took, I put into a file. When I get
> finished tweaking ipchains I'll try to put that knowledge into the
> file as well and then I'll post it to the list.
> I'm wondering now if I should tackle snort - or should
> ipchains/portsentry/logcheck/tripwire/lcap/chkrootkit be enough?
>
> I'm also wondering if I should update BIND any further. On the
> security list there's a new local exploit going 'round but no patch
> out for the RaQ4 yet. Anyone have any info on the latest version of
> BIND, where's the best place to get it, and does it run smoothly on a
> RaQ4?
>
> Thanks to all of YOU - couldn't have done this a few months ago. Your
> help and knowledge has been invaluable!
>
> *big stupid goofy grin*
> CarrieB - heading for the couch now
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
>
Hi Carrie,
I'm very impressed. I entered this list in mid-january, I think. One of the
first things I read was your good experience with zeffie and his $25
challenge. It's not a couple of months ago, but a couple of days, isn't it?
Wow. I wish I could be as progressive as you!
BTW, I don't know if snort is useful for you, but I found some how-to on
http://www.linuxnewbie.org (check the column on the right hand). And I made
the experience that simply installing snort is not enough. There's quite a
lot to do after installation to tell snort not to yell for every single
little port scan. It's log files can get very long. I'm still figuring out
the best way...
Glad, your back.
Hendrik.