Firewall Wizards mailing list archives

Re: The Morris worm to Nimda, how little we've learned or gained


From: Joseph S D Yao <jsdy () center osis gov>
Date: Tue, 8 Jan 2002 15:38:54 -0500

On Mon, Jan 07, 2002 at 03:20:01PM -0500, Rich Kulawiec wrote:
...
> A second problem is that I'd like to avoid this entire process; but I'm
> not aware of any Unix/Linux distribution whose install procedure includes
> taking the user through a dialog that advises them what they're opening
> vs. what they're closing.

I'm told the Bastille Linux scripts shut everything down and ask what
you want to open again.  I have to admit to not having tried them,
since our number of production Linux servers is still vanishingly
small.

...
> To be honest, I don't know of a really good approach to address this.
> One thought that occurs to me is that software authors might consider
> including, in addition to the ubiquitous "README" and "INSTALL" files
> that are part of many (most?) open-source packages, a file called...
> hmmm, let's call it "IMPACT" because it somewhat reminds me of an
> environment impact statement...which would detail what files/directories
> are modified when this package is installed, what network port(s) it
> listens on, what processes it will run, etc.  But I'm not sure if this
> is a useful idea or not.  Comments?

The file is called "SECURITY" in the 'sendmail' package, and isn't in
just about any other package I've seen.  And that one is pretty slim,
not as complete as you are asking for.

-- 
Joe Yao                         jsdy () center osis gov - Joseph S. D. Yao
OSIS Center Systems Support                                     EMT-B
-----------------------------------------------------------------------
   This message is not an official statement of OSIS Center policies.
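
Added example, not part of the original thread or of any package mentioned in it: a sketch of how an "IMPACT" file of the kind proposed above could be made machine-checkable, so an administrator can compare what a package declares with what it actually opens. The file syntax (`listen:`, `process:`, `file:` entries), the package name `exampled` and the sample data are all assumptions constructed for illustration.

```python
# Hypothetical IMPACT format and checker; nothing here is an existing standard.
from dataclasses import dataclass, field

# Constructed sample manifest for an imaginary daemon called "exampled".
SAMPLE_IMPACT = """\
# IMPACT for exampled (constructed sample)
listen: tcp/25
listen: tcp/587
process: exampled
file: /etc/exampled.conf
file: /var/spool/exampled/
"""

# Constructed post-install observation: (protocol/port, owning process).
SAMPLE_LISTENERS = [("tcp/25", "exampled"), ("tcp/587", "exampled"),
                    ("udp/514", "exampled"), ("tcp/22", "sshd")]

@dataclass
class Impact:
    listen: set = field(default_factory=set)
    process: set = field(default_factory=set)
    file: set = field(default_factory=set)

def parse_impact(text):
    """Parse 'key: value' lines; reject anything the format does not define."""
    impact = Impact()
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        key, sep, value = line.partition(":")
        key, value = key.strip().lower(), value.strip()
        if not sep or not value or key not in ("listen", "process", "file"):
            raise ValueError(f"line {lineno}: unrecognised entry {raw!r}")
        getattr(impact, key).add(value)
    return impact

def undeclared_listeners(impact, listeners):
    """Sockets held by the package's own processes that IMPACT never declared."""
    return sorted(sock for sock, proc in listeners
                  if proc in impact.process and sock not in impact.listen)

def unused_declarations(impact, listeners):
    """Declared ports that no package process was observed listening on."""
    seen = {sock for sock, proc in listeners if proc in impact.process}
    return sorted(impact.listen - seen)

if __name__ == "__main__":
    declared = parse_impact(SAMPLE_IMPACT)
    print("undeclared:", undeclared_listeners(declared, SAMPLE_LISTENERS))
    print("unused:", unused_declarations(declared, SAMPLE_LISTENERS))
```

On a real host the listener list would come from the system's socket table rather than the constructed sample.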