
Re: [cobalt-users] security question



"Peter Masloch" <peter@xxxxxxxxxxx> wrote:
> My Raq 2 will host one domain and the e-mail for this domain. I was just
> wondering what might be the best (and most secure way) to set up one
> domain? If I set up my domain as the main domain, then everybody comes
> very easy to the login window from www.mydoamin.com/admin which makes me
> feel uncomfortable. Would it be a good idea to set up the domain as
> virtual domain with a second IP?

Unless you remove the alias to /admin (in httpd.conf or srm.conf) that
directory accesses the GUI from any site so your solution won't help.  You
could always obfuscate the GUI location by changing that alias directive.
There are no negative side effects.

> Also I was thinking about the "admin"
> account. Is it possible to replace the username "admin" with another
> username?

Probably, but you'd have to change *a lot* of hard-coded files so I'd advise
against it.  I suggest tunneling your GUI through SSH so your communication
with it is encrypted.  You'll need to install SSH, but you should do so
anyway for security reasons and then disable telnet.  I'd also set up an
alias for admin to an unprivileged user so you don't have to send admin's
password in plain text to check admin email.

> I actually didn't see any processes running as "admin". I would
> be thankful for any thoughts, hints or ideas.

The port 80 web server runs as httpd, the admin web server runs as root.
The only processes that will run as admin are processes you run while logged
in as admin or cron jobs you set up to run as admin.  Since your subject uses
the word security, I assume you are concerned about security, as you should
be.  There are many things you can do to improve security.  I would suggest
spending several hours reading/searching the cobalt-security and cobalt-user
archives.  Some programs you may want to consider include ipfwadm,
portsentry, logsentry, hostsentry, lionfind, chkrootkit, John the Ripper,
tripwire, snort, gnupg, SSL, SSH, etc.

--
Steve Werby
President, Befriend Internet Services LLC
http://www.befriend.com/
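
A check for the point in the reply above that the /admin alias is what exposes the GUI on every site: this is an added example, not part of the original post or of Cobalt's software, that lists active Alias and ScriptAlias directives at or under a URL prefix in the config files you name. The sample config and its /placeholder/ paths are constructed for illustration.

```shell
#!/bin/sh
# find_gui_aliases PREFIX FILE...
# Print "file:line: directive" for each active Alias/ScriptAlias directive whose
# URL path is PREFIX or lies beneath it. Comment lines are skipped.
find_gui_aliases() {
    prefix=$1
    shift
    awk -v want="$prefix" '
        BEGIN { sub(/\/+$/, "", want) }        # treat /admin and /admin/ alike
        /^[ \t]*#/ { next }                    # commented-out directive
        {
            d = tolower($1)                    # directive names are case-insensitive
            if (d != "alias" && d != "scriptalias") next
            url = $2
            gsub(/"/, "", url)                 # URL path may be quoted
            sub(/\/+$/, "", url)
            if (url == want || index(url, want "/") == 1) {
                line = $0
                sub(/^[ \t]+/, "", line)
                printf "%s:%d: %s\n", FILENAME, FNR, line
            }
        }
    ' "$@"
}

# Constructed sample config (not a real RaQ file; target paths are placeholders).
write_sample_conf() {
    cat > "$1" <<'EOF'
# Alias /admin/ /placeholder/old/
Alias /icons/ /placeholder/icons/
alias /admin/ "/placeholder/gui/"
  ScriptAlias "/admin/cgi" /placeholder/cgi/
EOF
}

# Demo run on the constructed sample.
conf=$(mktemp)
write_sample_conf "$conf"
find_gui_aliases /admin "$conf"
rm -f "$conf"
```

Run it against httpd.conf and srm.conf before and after changing the alias to confirm that no active directive still maps the old path.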




