Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: To chroot or not to chroot?

from [Jeroen van Meeuwen] Network Security [Permanent Link]
Subject: RE: To chroot or not to chroot?
Date: Thu, 24 Nov 2005 21:32:16 +0100 
Martin,

You could consider setting up a restrictive SELinux environment.

Kind regards,

Jeroen van Meeuwen

--
kanarip


-----Original Message-----
From: Martín Villalba [mailto:famafcs@gmail.com]
Sent: Wednesday, November 23, 2005 19:58
To: security-basics@securityfocus.com
Subject: To chroot or not to chroot?

Hi, list! Maybe you can help me with this: I'm about to install a
webserver, which should have an http server, webmail, php support,
dns, ftp, remote login and a couple more things. Obviously, with all
those ports open, I must take every security measure I know (and some
I don't). But here comes my doubt: should I jail the webserver with
chroot? My first thought was "Duh, yes!", but thinking about it,
having all those services running at the same time, do I really make
any difference? It seems to me that in such environment a cracker (no,
i'm not writing "hacker") could do anything he (maybe she?) wants...
Ideas? Suggestions? Donations (cash, please)?
C-you

Martín
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  2nd CFP: The First International Conference on Availability, Reliability and Security (AReS 2006), 20-22 April, 2006, Vienna, Austria, Manh Tho
Next by Date:  SF new article announcement: Tenable discusses the Nessus 3 release, Kelly Martin
Previous by Thread:  To chroot or not to chroot?, Martín Villalba
Next by Thread:  Re: To chroot or not to chroot?, Josh Tolley
Indexes:  [Date] [Thread] [Top] [All Lists]