Date: Fri, 17 Dec 2004 10:51:35 -0500 (EST) From: "Jerry Bell" <jerry@syslog.org> To: freebsd-security@freebsd.org Subject: re: Strange command histories in hacked shell server Message-ID: <2641.209.134.164.137.1103298695.squirrel@209.134.164.137>
next in thread | raw e-mail | index | archive | help
Did I understand correctly, that anyone can connect to the shell server and create an account for themselves? I have a somewhat rudimentry hardening guide for FreeBSD at http://www.syslog.org/Content-5-4.phtml I've tried to keep it up-to-date, but I have yet to incorporate MAC, which I think will help out a good bit more. I hope you find this a useful. Jerry http://www.syslog.org Ganbold <ganbold <at> micom.mng.net> wrote: >Please give me some advice and info regarding this kind of hack. >What should I do in order to secure my shell server? I mean except >securelevel, unneeded services etc. >Can somebody give me some hints on file and directory permissions? >Is there anybody who has similar server config and already had such issues >and problems?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2641.209.134.164.137.1103298695.squirrel>