| stex | evil_steve: 1022 is free but it's common I'm looking for a port XXXX that is open |
| evil_steve | stex: run with port 22 for the moment, give your self a good strong password, disable root access and you're set. google about ssh keys and look at the blacklist script from www.pettingers.org |
| stex | for iptables, what about traceroute, finger, ping and stuff like that? |
| evil_steve | you're fine iptables is stopping it from coming into the system no from going out well, I tell a lie but it should be fine |
| stex | http://rafb.net/p/nsGdbo30.html is the new iptables -l (ssh on 1022 was ok) damn it... forgot webmin port :D |
| evil_steve | lol |
| stex | evil_steve: sweet, it's working! /me feels slightly more safe |
| evil_steve | yep, there's nothing nicer that the feeling that your arse isn't daggling in the wind anymore |
| stex | now we have the evil (no pun) services that are running wild on my poor server evil_steve: I'm terrified to be hacked. I run important crucial info on them (I will) so safety is quite important |
| evil_steve | stex: it happens to everyone. I've got a client whose server is behind a firewall, protected by ACL's and iptables, and it got hacked via the webapp I spent the easter long weekend rebuilding that server and the forensic stuff is still going on |
| stex | evil_steve: true you are just as safe as the weakest link which can easily be the application how do I see what services are running currently? |
| evil_steve | ps is the process lister netstat shows you the ports things are listening on |
| stex | should I use ps? ps -xe? |
| evil_steve | I use ps auxwww but you use what you can read easiest :) |
| stex | big output :) |
| evil_steve | yeah |
| stex | the problem here is figure out what we need and what should be restricted wanna see the list? |
| evil_steve | no, I"m fine thanks :) if you want to see what services are running and when, use chkconfig |
| stex | chckconfig --list gives hte complete matrix xinetd are all off |
| evil_steve | take a look at the services that are set to run in 3, google any you don't recognise, and if you think you don't need them, then delete them. well, not delete them, but turn them off |