SLUG Mailing List Archives - Re: [SLUG] linux to linux shares

To: slug@xxxxxxxxxxx
Subject: Re: [SLUG] linux to linux shares
From: "Philip Greggs" <png320@xxxxxxxxx>
Date: Tue, 21 Feb 2006 05:32:16 +1100
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:mime-version:content-type:content-transfer-encoding:content-disposition; b=eTiRa88+0SaGCdE5gA3d/iKPEx4qr7S4TCI5nepi1qLsEMJUkLpQeJUa6oXV70+2z8iNcvaiWaWpu1gdkzNgXDhl7YEeJHlem5nnv5TpqCKVhbCKmCfof4mombNHxulsNi3LeFq6RIsB+WNGWwPNNx9tSYGgyPffkfrNw4vbzyw=

O Plameras wrote:

------SNIPPED---------
>But you still have to harden your total system.
>We learn from previous experience, it is a bad
>habit to leave a crow bar around when parking a
>car. Otherwise, some smart  hacker will find more
>and larger holes and tunnels in the complex
>laryrinths of kernel modules and components
>instead of limited, narrowed, and restricted pathways.
------SNIPPED---------

Hi,

May I share what we do at our company in general.

There is a standing policy at all our sites to recompile
Linux kernels before a new one is implemented.
This is done by removing unnecessary and unused modules.

Implementation is ensured by providing a copy of the
config-XXX-XXX to HQ.

Quality assurance engineers audit sites and ascertain
that config-XXX-XXX as submitted tallies with the running
system.

Config-XXX-XXX is decided before hand by our
IT Security Team.

Just one of the ways our company controls IT security.

PG

Messages sorted by: [ date | thread ]
Prev by Date: Re: [SLUG] Hunting an IP Address.
Next by Date: [SLUG] [Fwd: [SLUG-ANNOUNCE] Notice of upcoming Annual General Meeting - March 31]
Previous by thread: Re: [SLUG] linux to linux shares
Next by thread: [SLUG] Your urgent contact needed!!!