Slackware System Hardening - Security
This is a discussion on Slackware System Hardening - Security ; Just in time for Slackware 11.0, the new and improved Slackware System
Hardening document for Slackware 10.2.
A couple of the older versions:
Slackware System Hardening
Re: Slackware System Hardening
On 02.09.2006, firstname.lastname@example.org wrote:
> Just in time for Slackware 11.0, the new and improved Slackware System
> Hardening document for Slackware 10.2.
Could you stop writting such crappy "security" guides?
You *blindly* advise to stop Sendmail, Apache, BIND, inetd and so on.
You don't advise not to install them, just to shut them down.
Allowing users to run different shells allows them to bypass any security
restrictions set on their login shell.
How could that be true? How would the `removepkg zsh' add _anything_ to
Stop fsck from running every 22 boots. The new setting means fsck only
runs every 6 months. If you would like to fsck more often, then adjust
Very good advice. Pretty damn good! Who needs fsck? And how is it going
to work with ReiserFS or XFS?
Also, removing slrn, nn, strace, gdb and nc adds very much to system
# Kick and lockout users that are UID 0 but are not root
if [ `id -u` = "0" -a `echo $USER` != "root" ]; then
# Lock the user out
passwd -l $USER
# Save some info
date >> /root/****
netstat -peanut >> /root/****
ps auxww >> /root/****
w >> /root/****
ROTFL. It's pretty easy to avoid running /etc/profile.
Niektórzy lubi± dozziego...
Oczywi¶cie szanujemy ich.