what to do when you've been rooted

Rick Moen rick at linuxmafia.com
Mon Jan 22 12:07:22 PST 2001


begin E Frank Ball quotation:
 
> If this is on the internet they also shouldn't have rlogin access open
> to the outside.

Well, DUH.

But the point is that you do not want hostile parties' ~/.rhosts files
sitting around just in _case_ you accidentally enabled the r-commands.
I actually have the adduser script create a root-owned .rhosts file 
with nothing in it, permissions 000, removing the concern prospectively.

> Then block most of what you left running with a firewall so it cannot
> be accessed from outside.

When you use the term "firewall" in this context, are you referring to
application-level proxy gateways, or do you mean filtering routers?  If
the latter, are you envisioning an implementation with stateful filters,
or not?

-- 
Cheers,                                      "Reality is not optional."
Rick Moen                                             -- Thomas Sowell
rick at linuxmafia.com



More information about the talk mailing list