Network Security: Detailed info on To chroot or not to chroot?

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Security-Basics

Subject:	To chroot or not to chroot?
Date:	Wed, 23 Nov 2005 15:58:22 -0300

Subject:

To chroot or not to chroot?

Date:

Wed, 23 Nov 2005 15:58:22 -0300

Hi, list! Maybe you can help me with this: I'm about to install a webserver, which should have an http server, webmail, php support, dns, ftp, remote login and a couple more things. Obviously, with all those ports open, I must take every security measure I know (and some I don't). But here comes my doubt: should I jail the webserver with chroot? My first thought was "Duh, yes!", but thinking about it, having all those services running at the same time, do I really make any difference? It seems to me that in such environment a cracker (no, i'm not writing "hacker") could do anything he (maybe she?) wants... Ideas? Suggestions? Donations (cash, please)? C-you Martín

<Prev in Thread]	Current Thread	[Next in Thread>
To chroot or not to chroot?, Martín Villalba <= RE: To chroot or not to chroot?, Jeroen van Meeuwen Re: To chroot or not to chroot?, Josh Tolley Re: To chroot or not to chroot?, darren kirby

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Re: secure disposal of backup tapes, Neksus
Next by Date:	Re: Selectively disabling USB devices, Tom Yarrish
Previous by Thread:	Re: Web Application Scanners, octopaz
Next by Thread:	RE: To chroot or not to chroot?, Jeroen van Meeuwen
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

Re: secure disposal of backup tapes, Neksus

Next by Date:

Re: Selectively disabling USB devices, Tom Yarrish

Previous by Thread:

Re: Web Application Scanners, octopaz

Next by Thread:

RE: To chroot or not to chroot?, Jeroen van Meeuwen

Indexes:

[Date] [Thread] [Top] [All Lists]