[TriLUG] Have I been compromised?

jeffj at ro.com jeffj at ro.com
Sat May 25 10:38:37 EDT 2002


Tanner Lovelace <lovelace at wayfarer.org> said the following on the auspicious date of 2002-05-23:

>On Thu, 2002-05-23 at 13:35, Chris Merrill wrote:
>> I've just read yet another story quoting that a default
>> Red Hat installation placed on the Internet will be
>> compromised within days.

>Actually days is probably optimistic.  I've heard of
>default redhat boxes that were compromised within hours
>or even minutes of being placed on the net (yes, I said
>minutes).  The HoneyNet project has more information about
>stuff like this.

I've got a variation on the question. My router & firewall system runs Redhat 7.0 updated to kernel 2.4.13. I went through all the trouble to configure iptables myself. I told it to block any incomming traffic that isn't in response to a client request from inside the LAN. The machine will not even respond to pings, along with many other simple attempts at communication. How secure is a setup like this?

--------------------------------------------------
MS Windows -- An entomologist's dream

Jeff Jackowski      http://ro.com/~jeffj/
"Luncheon meats make the sawdust in your stomach
 explode."          -- Crow T. Robot





More information about the TriLUG mailing list