Phishing - Linux boxes are vulnerable
Chris
racerx at makeworld.com
Thu Oct 4 23:16:47 UTC 2007
On Fri, 5 Oct 2007 08:48:25 +1000 (EST)
Res <res at ausics.net> wrote:
> 6. use a respected server OS, one that doesnt hack the f#ck out of
> programs like RH(CentOS) do
Umm - I hate to toss a munkey wrench into the mix, but if you really
want a reliable SERVER OS, my choices would be OpenBSD, NetBSD or
FreeBSD
>
> 6a. use modern current packages of apache2, php5 and MySQL,Sendmail
> etc from the respective sites, and not by use of RPM's because its too
> "vendor altered" which is where 90% of the security issues come
> into it.
Modern, most current isn't always the best way to go either. You need
to be a little savvy.
> 7. ban use of any but most current version of phpnuke (ban totally if
> you can) and those frickin image gallery programs.
Read up number 6a.
> 8. use a decent detection system
Agreed
> 9. use something like MailScanner with spamassassin adn a good
> anti-virus on your mail server to minimise the exploit opening in the
> first place
While Mailscanner is very good - you need to know your MTA also.
(unless things have changed) Mailscanner and Postfix was a no-no.
> 10, follow same rules as you would on winblow$, no running stuff you
> dont know what it is, no clicking on links in mesgs you dont know the
> sender, its all basic sence :)
*nod*
--
Best regards,
Chris
Registerd Linux user number 448639
More information about the users
mailing list