Mail disaster - semi-new system

Alex Neuman alex at nkpanama.com
Tue May 16 16:38:49 IST 2006


Kai Schaetzl wrote:
> Of course, it's possible that the SELinux 
> policy coming with FC5 is different from the policy in RHEL4. I wouldn't 
> just skip that, especially not if my earlier machine got hacked.
>
> Kai

He _did_ say *compromised*, not *hacked*. When this happens it's usually 
the result of not tightening up something else... Examples include:

* Users on the system instead of a database, with /bin/bash as their 
shell and SSH enabled, and a guessable password.
* Lax permissions on CMS systems that allow people to execute code or 
upload content
* Not changing passwords after admin-level users leave the company

SELinux is great, if you know how to implement it properly. Otherwise it 
can confuse the hell out of someone not used to it.

