Do you have a question? Post it now! No Registration Necessary. Now with pictures!
January 13, 2006, 12:51 pm
rate this thread
I use Linux (Arch) on the standalone machine. I have a cable Internet and
For security I have Shorewall Firewall, Clamav antivirus and once a day I
run rkhunter which from first time show me:
Scanning for hidden files... [ Warning! ]
/dev/.udev /usr/man/man8/.isdnctrl_conf.8.gz /etc/.pwd.lock
Please inspect: /dev/.udev (directory) /usr/man/man8/.isdnctrl_conf.8.gz
(gzip compressed data, was ".isdnctrl_conf.8", from Unix, max compression)
* Check: SSH
Searching for sshd_config...
Checking for allowed root login... Watch out Root login possible.
Hint: See logfile for more information about this issue
Checking for allowed protocols... [ Warning (SSH
v1 allowed) ]
I am surfing on the Internet as user. How is about spyware, how safe is
Update rkhunter's DB like this;
Think your DB just needs to be updated
Smile... it increases your face value!
----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+
----= East and West-Coast Server Farms - Total Privacy via Encryption =----
Robert's suggestion is good. Always check for the newest updates, and for
advice from the software source with questions.
SSH v1 is old, vulnerable and has been replaced. You can use the search
features at these pages to find more information:
If you use SSH (doesn't sound that way from your description) update to
newer version. Then look for and read all the other caveats and
suggestions written here and elsewhere about running SSH. You should
disallow root login, among other precautions. If you don't currently use
it, do 3 things, fastest first:
1. Disable it from running in the runlevels that you are using. (Disable
all unnecessary services while you are at it.) Can use chkconfig to do
this most easily, but only takes effect when systems or services are
2. Uninstall the vulnerable version.
3. Firewall it's access from the outside world off. You should find
everything you need for this from:
When you think you are done firewalling it, check your firewall with an
intrusion scan. One widely used source is:
http://www.grc.com/default.htm -- Look for the "Shields Up" link.
At the moment it does not seem that Skype has any major security concerns.
But note that the Skype software offered for Linux is Beta (meaning test
version). Keep a sharp eye out on this at least until they release a full
version 1. Skype also has a desktop GUI with an integrated text IM
system, and as such might be vulnerable to the same IM spam as all the
other IM systems. The spam itself may be annoying, but if someone clicks
on a link to a site with malware, then all bets are off. Other IM systems
have had vulnerabilities in the past that required patching. Also, note
that all IM systems have your (current) IP address and online status, as
well as your open communication ports on some central server (and not your
ISP's server), somewhere.
- » Cloud Ace Technologies is offering Implementation Services on Cloud Computing, Cloud Serv...
- — Newest thread in » Linux Security