
Re: FVH 2 Jan meeting topic



On Sun, 2002-12-29 at 16:38, Nate Reindl wrote:
> Quoting "Robert G. (Doc) Savage" <dsavage@peaknet.net>:
> 
> > Whoahh there, Mule! Would you care to elaborate on this claim? Or are
> > you just blathering?
> 
> What?  You thought that RedHat was secure and hardened by default?
> 
> Sorry to bust your bubble, but I've seen RH boxes cracked into literally overnight.

Nate,

Please elaborate. If by "secure" you mean as tight as NSA's SELinux,
then I would agree. Ever since Red Hat began its "disabled by default"
mode when installing most services, its relative security has been quite
good. Certainly better than any of its competitors.

This is not to say that Red Hat is invulnerable, or can't be installed
badly. I can tell you that a primary DNS server I installed at a client
site has survived more than two years of constant, determined attempts
by hackers from Canada, France, Germany, Russia, and many other places.
It's running RH7.1 and is NOT protected by a firewall. It WAS set up by
an RHCE (moi) who knows what he's doing.

When you say you've seen RH boxes cracked into overnight, you really
should explain what unusual access made this possible. For example, were
they protected by firewalls as most non-trivial networks are? If not,
were they "fruit baskets" with every possible RPM installed? Were their
local consoles accessible? What services were installed and enabled?

--Doc




-
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.