[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] Rebuilding after Haq - No SSH

Subject: RE: [cobalt-users] Rebuilding after Haq - No SSH
From: "Devin Smith" <devinsmith@xxxxxxxxxxxxxxx>
Date: Sun Jul 7 08:43:01 2002
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

I was looking at the great ideas everyone was using to secure a cobalt
server, and here are a couple other things for you to help
protect/obscure more:

In the /etc/mail/sendmail.cf file, change the SmtpGreetingOption to
something obscure.  I like to report that my server is something that it
is not.  While this doesn't STOP anything, it certainly throws some
(unfortunately not all!)of the skript kiddies off.  It's always fun to
make someone believe you are driving a 1979 chevette when it's really a
Cadillac Escalade in the garage. :-)

In the /etc/httpd/conf/httpd.conf file, add this line:

ServerTokens ProductOnly
..this will tell Apache to only respond that it is an Apache server - it
won't reveal version information or any modules you have installed.
Again, it won't do anything to stop anyone, but it's another roadblock
that helps hide some of the information that Apache spews to anyone who
wants it.  I personally would like to see SunCobalt change this to be
the default response in their servers!

Hope this helps everyone!

-----Original Message-----
From: cobalt-users-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-users-admin@xxxxxxxxxxxxxxx] On Behalf Of Revd leonard
payne
Sent: July 6, 2002 12:51 PM
To: cobalt-users@xxxxxxxxxxxxxxx
Subject: Re: [cobalt-users] Rebuilding after Haq - No SSH


on 6/7/02 18:51, Marcos Gurgel at lists@xxxxxxxxxxxxxxxx mumbled
something
like:

> 
> 
> Beware that NiftyTelnet only connects through SSH 1, which you 
> shouldn't be using. MacSSH seems to be the only SSH2 client for 
> Classic. If you installed SSH 3.4 with privilege separation, 
> compression won't work, and that is probably why you can't connect 
> using MacSSH.
> 
> When creating a new connection bookmark in MacSSH, click on the SSH2 
> tab. Under compression, select <none>. That should solve it.
> 
>

Thank you - splendid description. We bow down ..... we are not worthy..

Thanks again and blessings


Revd Leonard

_______________________________________________
cobalt-users mailing list
cobalt-users@xxxxxxxxxxxxxxx
To Subscribe or Unsubscribe, please go to:
http://list.cobalt.com/mailman/listinfo/cobalt-users

References:
- Re: [cobalt-users] Rebuilding after Haq - No SSH
  - From: Revd leonard payne

Prev by Date: Re: [cobalt-users] RE: NTP Servers Again
Next by Date: [cobalt-users] Chkrootkit pre-0.36
Previous by thread: Re: [cobalt-users] Rebuilding after Haq - No SSH
Next by thread: RE: [cobalt-users] Rebuilding after Haq - No SSH

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index