Re: LINUX VIRUS ALERT: A DANGEROUS NEW WORM IS SPREADING ON THE INTERNET(fwd)

From: Eugene.Leitl@lrz.uni-muenchen.de
Date: Sat Mar 24 2001 - 11:00:20 MST


"Robert J. Bradbury" wrote:
 
> While messing around with this I've been thinking about the
> problems of verifying that *any* of the programs I'm downloading
> don't contain "trap-doors". And you know, I really haven't
> got a clue how one would go about preventing that.

If you want to run a *nix box on the Net, it is usually a good
idea to a) avoid major vendors of brokenness such as RedHat and
Mandrake. This is a server, not a desktop. You'd want to use Debian,
or one of the many *BSDs. b) You'd want to disable all but the
barest services you need. (A Christmas tree style box lit up with
open ports is a standing invitation to any teenage h4x0r). You'd
want to run a dedicated machine as a firewall (http://linuxrouter.org,
or similar), putting your server behind it. Don't go for Bastille,
it's pure cargo cult security. There's also a list of known applications
you'd want to avoid/substitute by nonbroken alternatives.

At this point you should really consider whether you'd want to
hire a security professional to set up the whole shebang. It will be
quite expensive, but after the initial setup you can administer the
system all by yourself. Provided you apply the latest patches, you're
effectively unhackable. Nevertheless, keep your backup history current.
 
Unless you're ready to get lots of practice rebuilding your system
each time it's compromised, this is definitely an alternative worth
contemplation. Do you do your plumbing and the gas connections
yourself? I think it depends on what you think your time is worth.
If you make enough $$$/h, and don't take any pleasure in fixing it/running
a tight ship all by yourself, here's something to be outsourced to the
professionals. I don't know anyone off the cuff if you need a reference, but
I know trustworthy people I can ask.


