
Re: [seul-edu] Server hacked via FTP hack... need help...



On Fri, 3 May 2002, Paul Bauer wrote:

> OpenBSD is the most secure.  You can tighten up some of the others but
> it isn't as secure by default.  If this is just serving up sites and
> information you may want to make the change.  If Linux is required...I
> am not very helpful on which is the most secure.  Sorry.

OpenBSD has proactively fixed several issues that have later been
exploitable on other operating systems and they do have a limited set of
services running by default.

But an operating system is as secure as the administrator makes it.

> On Fri, May 03, 2002 at 01:34:41PM -0400, Ryan Booz wrote:

> > my first experience with being hacked.  not fun.  definitely want to stop
> > it from happening again... as best I can.

Read a few security howtos and other security articles.

Clean your system of unused software. (Don't install un-needed packages.)

Disable un-needed services/daemons.

Follow the security lists/forums for your used software.

Keep your OS and software up-to-date.

Have reliable backups. (And test.)

Use file integrity checking.

Check for port scans.

Do system security audits (e.g. look at setuid changes, import config
changes, etc.).

Review logs.

And so on.

(I just taught a workshop about this a week ago. If you are in the
Seattle-Everett area, and are interested in other workshops, let me know
off-list.)

> > Any opinions on which distro is "most" patched.

I personally like to use NetBSD or Debian Linux (stable).

Good luck,

   Jeremy C. Reed

p.s. Please consider not top posting in replies -- it makes it so the
message has to be read out of order to get the entire context.