[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-users] security question
- Subject: RE: [cobalt-users] security question
- From: "Peter Masloch" <peter@xxxxxxxxxxx>
- Date: Fri May 31 21:40:14 2002
- Organization: EasyniX Consulting
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
Steve, thank you for your answer.
I'm familiar with SSH (already installed) and the *sentry family.
Admin doesn't get any e-mail since it is already forwarded to
an different user account.
I really like the idea of tunneling the GUI.
Do you know of any link where i can do some reading about it?
Peter
>"Peter Masloch" <peter@xxxxxxxxxxx> wrote:
>> My Raq 2 will host one domain and the e-mail for this domain. I was
>> just wondering what might be the best (and most secure way) to setup
>> one domain? If i setup my domain as the main domain, then everybody
>> comes very easy to the login window from
>www.mydoamin.com/admin which
>> makes me feel uncomfortable.
>Would it be a good idea to setup the
>> domain as virtual domain with a second IP?
>
>Unless you remove the alias to /admin (in httpd.conf or
>srm.conf) that directory accesses the GUI from any site so
>your solution won't help. You could always obfuscate the GUI
>location by changing that alias directive. There are no
>negative side affects.
>
>> Also i was thinking about the "admin"
>> account. Is it possible to replace the username "admin" with another
>> username?
>
>Probably, but you'd have to change *a lot* of hard-coded files
>so I'd advise against it. I suggest tunneling your GUI
>through SSH so your communication with it is encrypted.
>You'll need to install SSH, but you should do so anyway for
>security reasons and then disable telnet. I'd also setup an
>alias for admin to an unprivileged user so you don't have to
>send admin's password in plain text to check admin email.
>
>> I actualy didn't see any processes running as "admin". I would be
>> thankful for any thoughts, hints or ideas.
>
>The port 80 web server runs as httpd, the admin web server
>runs as root. The only processes that will run as admin are
>processes you run while logged in as admin or cron jobs you
>setup to run as admin. Since your subject uses the word
>security, I assume you are concerned about security, as you
>should be. There are many things you can do to improve
>security. I would suggest spending several hours
>reading/searching the cobalt-security and cobalt-user
>archives. Some programs you may want to consider include
>ipfwadm, portsentry, logsentry, hostsentry, lionfind,
>chkrootkit, John the Ripper, tripwire, snort, gnupg, SSL, SSH, etc.
>
>--
>Steve Werby
>President, Befriend Internet Services LLC http://www.befriend.com/
>
>
>_______________________________________________
>cobalt-users mailing list
>cobalt-users@xxxxxxxxxxxxxxx
>To Subscribe or Unsubscribe, please go to:
>http://list.cobalt.com/mailman/listinfo/cobalt->users
>
>