September 4th, 2003, 10:12 PM
When is the best time to secure your Linux box?
I start my laptop, log in as root, start Xchat to have a chat with a few friends.. get Xchat's message that running Xchat as root is stupid ... I agree with the fact that what I did was stupid enough .. and log back in as a regular user ... not being too worried that that's the first time I run my fresh copy of Red Hat 9 without any firewall ... in fact I'm only going to chat with a few friends. I make some changes in /etc/fstab and reboot after half an hour from the moment I turned it on. System boots up ... but I see failures... can't mount /proc, then another two failures with messages to check if /proc is mounted and another that says to mount /proc /proc -t proc. First thing that crossed my mind was to remake the /etc/fstab as it was ... but I'm in recovery console and the file system is mounted read only ... I switch grub to command line, mount the fs as rw, boot, and modify fstab... reboot and get the same errors ... then I try to mount proc and it says only root can use mount ... su - .. now I'm root: again I try to mount it .. the same message... I search in logs and get nothing ... and also none of my tries have any effect on my problem ... so after a few hours I decide on reinstalling my system ... apparently someone exploited it and planted a rootkit ...
Running Xchat as root is stupid ... but I guess getting online with my box unsecured was far more stupid than that ... It's frustrating being root and having no root privileges on your own box ... and even more frustrating when it's only minutes after you get out on the Internet for the first time.
Then I wondered... why isn't there more publicity on securing systems? But I guess there is, but some of us just don't see it until it's too late.
September 4th, 2003, 10:21 PM
Best time to secure your box is before you connect it to a network.
There are a variety of HOWTOs on security around the Internet. The Thymus Guide to Securing Slackware might help somewhat, even for securing RH. http://www.giac.org/practical/GCUX/T...rtier_GCUX.pdf
September 4th, 2003, 10:28 PM
Well, the question was rhetorical .. though I forgot to put the conclusion you point to.