Re: [cobalt-users] Installing SSH2, IPChains, Portsentry,Logcheck, Tripwire, Chkrootkit, Lionfind, Whois, lcap and more

[Jay Summers <jay@xxxxxxxxxxxxxxxxxxxx>]

>> Okay guys,
>> I am still not done with the ipchains thing. I am a *lot* closer but
>> there's a little blurp that's keeping me from finishing. So that I
>> didn't leave anyone hanging, I figured I'd post what I have so far.
> If
>> anyone sees any errors in this, or shorter ways of doing it, or more
>> helpful explanations, please let me know.
>> Warning: As with most of my posts, it's LONG. :)
>> 
>> CarrieB
>> 
> <snip>
> 
> I'm also greatly impressed by Carrie's HOW-TO. I'd very much like to
> install much of the security programs Carrie describes, but how do I
> ensure there's enough space on my RaQ?

I agree. Way to go Carrie! Glad to have you back on the list. ;)

> I've just started out with a RaQ4 with a 20GB HD, and installed
> OpenSSH and upgraded MySQL to version 3.32 a few days ago. In the
> process I used up almost all the available space in the operating
> system/programs partition and active monitor started to squeal... I
> had downloaded source files to /usr/src, and done the 'make' there,
> and so I could delete these so that active monitor would calmed down.
> The 'programs' partition seems only to be 920 MB. Should I move some
> files into 'home' and simlink them? And if so, which ones are
> recommended? Or should I adopt some other approach to getting these
> programs installed?

When I installed MySQL I put it in the /home directory with the
--prefix=/home/mysql option. I believe others have moved MySQL to the /home
directory and used symlinks. I'd take a look in the archives for that. I
would say that most of the more experienced ppl on the list recommend
installing from sources. That way you have more control over where and how
things get installed.

> One other small query... I have read quite a bit on this list about
> using SSH in place of Telnet. Does it go without saying that people
> are also administering their RaQs using the GUI, but through SSH
> (opening the SSH port and 'tunneling port 81' as at the end of
> http://www.cobalt.com/support/kb/search.php3?ques=ssh&qid=534&language
> =1)? I guess so but haven't heard anything on the list about that.
> Rather foolish if one doesn't (I haven't yet!), since I guess one
> would be bolting one door while leaving the other wide open?!

Yes it would! I've installed the latest OpenSSH and I only use
portforwarding to administer my Raq2 gui. It works great on my windoze box
but doesn't on my Mac. It seems that portforwarding only works with FTP on
my mac's. I believe you can use SSL with the GUI on Raq3's and up, but I'm
not sure what kind of Raq you have. You should definitely install SSH to
replace Telnet at a minimum.

HTH,
j