[Linux4christians] Antirootkit software for Linux
Pastor David
pastordavid at bibleseven.com
Mon Jun 30 18:12:43 EDT 2008
>> Anything one can do apart from rootkit/virus protection apps to prevent trouble?
>
> * Prohibit root from running remotely;
> * Run all apps that require "root" to run from a chroot jail;
> * Monitor who has permission to do what;
> * Monitor _all_ changes to the system;
> * Turn off autoupdate for _all_ applications;
>
> xan jonathon
Got some generally excellent news from the Puppy Forum ...
* Prohibit root from running remotely;
Here is a small utility:
http://murga-linux.com/puppy/viewtopic.php?t=30699
Note: by default, Puppy does NOT allow remote-access!
* Run all apps that require "root" to run from a chroot jail;
This is somewhat difficult, such solutions are usually used by
server-systems only, where several programs run, that are intended to
give remote-users access. Like sshd.
If you use Puppy as desktop-system, closed for remote-access, this is
not needed.
* Monitor who has permission to do what;
Just an issue, if you have a multiuser-system with several user-accounts.
* Turn off autoupdate for _all_ applications;
I know just 3 such apps:
- Openoffice
- Opera
- Firefox
For OpenOffice, it should be DE-activated, as OpenOffice usually is in a
SFS file.
Use a newer SFS instead, if you want an upgrade.
Opera and Firefox SHOULD auto-update, so that you get the newest
security-fixes.
In Puppy as desktop-system, the browsers are the most critical
applications, as they connect you to the web, and could (in theory)
"import" bad stuff on your computer. In practice, we had no reports yet.
* Monitor _all_ changes to the system;
Not practical in a desktop-system, where the user often installs new stuff.
Practicable again for servers, that are set up only once, and then run
for years without any changes (except some security-updates).
So if you follow the first advice (disable remote-access) and update
your browsers regularly, your Puppy is well secured.
In addition, you could run seamonkey not as root:
http://www.murga-linux.com/puppy/viewtopic.php?p=189094
--
Be blessed as God blesses others through you! Pastor David
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Senior Associate Pastor
First Baptist Church of Spring Hill, FL
http://firstbaptistchurchsh.com
Personal Site: http://bibleseven.com
Sent Using: ChurchPup-Linux
http://www.churchpup.com/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
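
Added example, not part of the original message: one way to do the "monitor all changes" item on a server that is set up once and rarely changes is a checksum baseline that is compared against the live tree. The function names and the demo files are constructed for illustration; it assumes GNU coreutils sha256sum and paths without newlines or backslashes.

```shell
#!/bin/sh
# Added example (not from the original post): file-integrity baseline.
# Assumes GNU sha256sum output: 64 hex chars, two spaces, then the path.

# snapshot DIR: print "<sha256>  <relative path>" for every regular file.
snapshot() {
    ( cd "$1" && find . -type f -exec sha256sum {} + )
}

# report_changes BASELINE DIR: print ADDED/CHANGED/REMOVED lines, sorted.
report_changes() {
    snapshot "$2" | awk -v base="$1" '
        BEGIN {                       # load the trusted baseline first
            while ((getline line < base) > 0)
                old[substr(line, 67)] = substr(line, 1, 64)
        }
        {                             # then stream the current snapshot
            path = substr($0, 67); seen[path] = 1
            if (!(path in old))                       print "ADDED   " path
            else if (old[path] != substr($0, 1, 64))  print "CHANGED " path
        }
        END { for (p in old) if (!(p in seen))        print "REMOVED " p }
    ' | LC_ALL=C sort
}

# demo: constructed tree standing in for a system directory.
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/tree"
    printf 'original\n'  > "$d/tree/ls"
    printf 'untouched\n' > "$d/tree/ps"
    printf 'old\n'       > "$d/tree/my tool"     # path with a space
    snapshot "$d/tree"   > "$d/baseline.sha256"  # taken on the clean system
    printf 'replaced\n'  > "$d/tree/ls"          # simulated modification
    rm "$d/tree/my tool"
    printf 'new\n'       > "$d/tree/extra"
    report_changes "$d/baseline.sha256" "$d/tree"
    rm -rf "$d"
}
demo
```

Keep the baseline file on read-only or off-host media and run the comparison from a trusted boot where possible, since anything with root on the machine can rewrite both the files and a baseline stored next to them.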