[Thewall-general] [thewall - Open Discussion] File-permissions / Hardening
From: <no...@so...> - 2002-05-24 08:55:02
Read and respond to this message at:
http://sourceforge.net/forum/message.php?msg_id=1577716
By: rainer_germany

Hello again, ;-)

today I started to figure out the minimal file permissions needed for theWall to run...

But there is something very curious: even if I change the file permissions of a file to 000, so that nobody should be able to access the file, root is able to read, write and execute it. Is the rights management not fully implemented, or is this a general fault on FreeBSD systems? Sure, root is the superuser, but as long as he is able to run chmod, he could gain his rights back.

I have worked a few years as a security administrator on mainframe systems (IBM OS 390/MVS), and there it was usual to crumble down the rights to everything you don't need access to. That is to prevent accidental change or loss of any data.

A few weeks ago, I read a few articles about hardening, especially for OpenBSD systems, at: geodsoft.com\howto\harden

There are some really good ideas; here are only a few:

It would be nice to add a little note in the documentation to enable the write protection of the floppy disk when the firewall is still running and nobody is actually working on it. By doing so, a hacker isn't able to make persistent changes to the system - after a reboot we always have a clean system.

Another suggestion is to remove the logon banners on the console and telnet.

Is it possible to implement cron and automate a nightly security audit to detect file changes and to create a changelog?

An IDS system (snort?) and a sniffer would also be nice to detect and analyse attacks.. ;-)

greetings
Rainer
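The nightly audit asked about in the post above could look like the following sketch. It is an added example, not part of the original message and not theWall's own code; the function names `hash_file`, `snapshot` and `audit` and the manifest format are assumptions made for illustration. It records mode, owner, group and a SHA-256 per file, then reports added, removed, re-permissioned and modified files against a baseline.

```shell
#!/bin/sh
# Added example, not part of theWall: nightly file-change audit.
# Assumes paths contain no '|' or newline characters.

# SHA-256 of one file; the tool is sha256sum on Linux, sha256 on FreeBSD.
hash_file() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum < "$1" | awk '{print $1}'
    else
        sha256 -q "$1"
    fi
}

# snapshot DIR: one "path|mode owner group|hash" line per regular file.
snapshot() {
    find "$1" -type f | LC_ALL=C sort | while IFS= read -r f; do
        meta=$(ls -ld "$f" | awk '{print $1, $3, $4}')
        printf '%s|%s|%s\n' "$f" "$meta" "$(hash_file "$f")"
    done
}

# audit BASELINE CURRENT: print one changelog line per difference.
audit() {
    awk -F'|' '
        !cur          { meta[$1] = $2; sum[$1] = $3; next }  # baseline pass
        !($1 in meta) { print "ADDED   " $1; next }
                      { seen[$1] = 1 }
        (meta[$1] "") != ($2 "") { print "PERMS   " $1 " (" meta[$1] " -> " $2 ")" }
        (sum[$1] "")  != ($3 "") { print "CONTENT " $1 }
        END { for (p in meta) if (!(p in seen)) print "REMOVED " p }
    ' "$1" cur=1 "$2" | LC_ALL=C sort
}

# Command-line use: audit.sh snapshot DIR   |   audit.sh audit BASELINE CURRENT
case "${1:-}" in
    snapshot) snapshot "$2" ;;
    audit)    audit "$2" "$3" ;;
esac
```

Run from cron, the `audit` output is the changelog. The baseline manifest is only trustworthy if it is stored where the running system cannot rewrite it, for example on the write-protected media the post mentions.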