Re: CleanLog.h

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 30/11/2007, Evans F. Mitchell KD4EFM / AFA2TH / WQFK-894
<kd4efm@xxxxxxxxxx> wrote:
> By any chances, have you ran 'ps ax' from root and looked
> to see what does not look like it should be there??
>
> IF you are willing, paste your 'ps' output for us to
> help you find the program that is running and sending out
> the emails.
>
> also review your sendmail rule set.
> Next, to help lock down your server a little more
> make sure you have set a password on your VNC.

Tunnel your VNC over SSH (or SSL?).
See http://en.wikipedia.org/wiki/Virtual_Network_Computing#Security
about how insecure is the VNC protocol.

> I had and Italian 17 year old poking around one
> of my Amateur Radio boxes via VNC, simply cause I
> forgot to set a vnc password, so it was wide open
> like a windoz server box without a login screen,
> you know, the good old "I AM OPEN FOR YOUR PLEASURES..."
>
> Also change your sshd, the port it is on, and do a rule
> set that only allows a specific ip to access it.

That's a good advise. I have yet to see my non-standard sshd server
scanned since I changed  it over 3-4 years ago. Same with a private
http server.

> I think I am correct saying you can do that as well with VNC.

See above - the VNC protocol is not secure on its own, but you can
tunnel it over secure protocols.

>
> The other option would be to stop the service all together
> IF your not needing it.

Of course. That's up in the top ten commandments - stop any service
(and remove any package, I would add) that you don't need on the
server.

--Amos
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux