On Thu, 14.10.2004 at 19:29, Jonathan Allen wrote:

> Thank you for telling everyone. This is an old system, without much
> working hardware, that has a limited life horizon but needs to stay
> operational for a bit longer.

You posted the hostname yourself first here on the list. Despite that, hosts connected to the net - especially those 24/7 online - are always targets for scans and probes from all over the world.

> How did you extract that information - presumably by doing a portscan
> or something like it ?

Yes, I did a portscan after a telnet to your SMTP server told me it was that old Sendmail release which has a lot of severe bugs. And then I found it is not only the MTA. A portscan is nothing forbidden, just something like knocking at the doors and checking whether they are open or locked.

> How would you suggest that I secure as much as I can without doing
> either a system or kernel upgrade ? Sticking plaster - yes, but
> some unusual configuration stuff has to stay up a bit longer.
>
> Jonathan

First shut down every service you don't really need. I.e. the wu-ftp daemon is vulnerable. If you don't need the FTP server, switch it off. If you need an FTP server, then install a new version as a replacement. Do so with all other services. Yes - before you ask - it is much work.

I am not quite sure about the kernel running, but would bet it has security flaws too. Obvious, because Red Hat Linux release 6.0 (Hedwig) has had no security update packages for years. I wonder a bit that this host is not already "rootkitted" - or is it?

Alexander

--
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.8-1.521smp
Serendipity 19:35:34 up 14:47, 16 users, 0.25, 0.35, 0.32
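One way to work through the "shut down every service you don't really need" step, as an added example that is not part of the original message: it lists the services still enabled in an inetd.conf-format file that are not on an allowlist. It assumes the services are started from inetd; the function names, the sample entries and the allowlist are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original message.
# Assumption: services are started from an inetd.conf-format file:
#   service socktype proto wait/nowait user server-path args...
# Entries commented out with '#' are already disabled.

# Constructed sample input (not taken from any real host).
sample_inetd_conf() {
cat <<'EOF'
# constructed sample entries
ftp     stream  tcp  nowait  root    /usr/sbin/tcpd       in.ftpd -l -a
telnet  stream  tcp  nowait  root    /usr/sbin/tcpd       in.telnetd
#shell  stream  tcp  nowait  root    /usr/sbin/tcpd       in.rshd
auth    stream  tcp  nowait  nobody  /usr/sbin/in.identd  in.identd -l -e -o
EOF
}

# audit_inetd FILE "allowed1 allowed2 ..."
# Prints "service proto daemon" for every enabled entry not on the allowlist.
# Returns 0 when nothing unexpected is enabled, 1 otherwise.
audit_inetd() {
    awk -v allow=" $2 " '
        /^[ \t]*#/ || NF < 6 { next }        # comments, blanks, short lines
        index(allow, " " $1 " ") == 0 {      # service name not allowlisted
            # behind tcpd the real daemon is the first argument
            d = ($6 ~ /tcpd$/ && NF >= 7) ? $7 : $6
            printf "%s %s %s\n", $1, $3, d
            bad = 1
        }
        END { exit bad + 0 }
    ' "$1"
}

# Demo run on the constructed sample, keeping only "auth" enabled.
tmp=$(mktemp)
sample_inetd_conf > "$tmp"
audit_inetd "$tmp" "auth" ||
    echo "comment these entries out in inetd.conf, then send inetd a SIGHUP"
rm -f "$tmp"
```

Services started from init scripts rather than inetd do not appear in this file and need to be checked separately.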