banner

[Rule] Rules  [Home] Main Forum  [Portal] Portal  
[Members] Member Listing  [Statistics] Statistics  [Search] Search  [Reading Room] Reading Room 
[Register] Register  
[Login] Loginhttp  | https  ]
 
Forum Index Thảo luận thâm nhập Mô hình get root (copy tiếng anh)  XML
  [Question]   Mô hình get root (copy tiếng anh) 04/07/2006 09:31:58 (+0700) | #1 | 3688
[Avatar]
micr0vnn
Member

[Minus]    0    [Plus]
Joined: 29/06/2006 15:52:34
Messages: 67
Offline
[Profile] [PM]
Có thể 1 số bạn không hiểu.... bởi vì bạn đó không biết sơ sơ về linux
smilie

- use only Linux
- use shadow password (Run pwconv as root)
- setup LILO password
- keep your Linux up-to-date
- subscribe to bugtrack mailling liste
- read the Linux Administrator Security Guide LASG and Securing-Optimizing-Linux-RH-Edition
- Remove the services you don't use (don't forget inetd services in /etc/inetd.conf)
- Replace inetd by xinetd
Convert your old information: itox -t /usr/sbin/ < /etc/inetd.conf > /etc/xinetd.conf
Update your /etc/hosts.allow to reflect service name and not binary name.
- Your default policy must be deny (ALL:ALL in /etc/hosts.deny)
- Setup a firewall with a default deny policy NetFilter
- Use OpenSSH instead of telnet and configure it correctly (no X forwarding in client, limit simultaneous connection for your server)
If you use Winx, you can get PuTTY, free win32 telnet/ssh client
- Configure your servers to run as non root (Squid,Mysql,Apache,IPLog,Bind,PostFix...)
- If you run an X server with XDM/KDM/GDM, use the last version of XFree server with Xwrapper and deny XDMCP: XDM, KDM : /etc/X11/xdm/Xaccess
GDM : look for [security] and [xdmcp] in /etc/X11/gdm/gdm.conf
- Chrooted BIND/DNS servers
- IPLog: TCP/IP traffic logger
- Nessus: Remote Security Scanner
Use the option "-a 127.0.0.1" to only listen to loopback interface
- Use PostFix instead of Sendmail
Important parameters in main.cf are mydestination and relay_domains
smtpd_banner = $myhostname ESMTP $mail_name
- Use ProFTPD instead of Wu-FTPD
To protect your Linux,

In /etc/proftpd.conf, set
SyslogFacility AUTH
ExtendedLog /var/log/ftp.log AUTH
ServerIdent Off
- Restrict crontab users with /etc/cron.allow
- NMAP port scanner


The password cracker John The Ripper is avaible at http://www.openwall.com/john/.

----------------------------------
Chú ý: không phải server nào cũng get root được... chỉ 1 số ít server mới có thể bị get root.........
----------------------------------
[Up] [Print Copy]
[digg] [delicious] [google] [yahoo] [technorati] [reddit] [stumbleupon]
Go to: 
 Users currently in here 
1 Anonymous

Powered by JForum - Extended by HVAOnline
 hvaonline.net  |  hvaforum.net  |  hvazone.net  |  hvanews.net  |  vnhacker.org
1999 - 2013 © v2012|0504|218|