<HTML ><HEAD ><TITLE >Review security.</TITLE ><META NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+ "><LINK REL="HOME" TITLE="Upgrading Your linux Distribution mini-HOWTO" HREF="index.html"><LINK REL="PREVIOUS" TITLE="Restore the stuff from the backups you made earlier." HREF="x147.html"><LINK REL="NEXT" TITLE="Enable logins." HREF="x155.html"></HEAD ><BODY CLASS="SECT1" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#840084" ALINK="#0000FF" ><DIV CLASS="NAVHEADER" ><TABLE SUMMARY="Header navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TH COLSPAN="3" ALIGN="center" >Upgrading Your linux Distribution mini-HOWTO</TH ></TR ><TR ><TD WIDTH="10%" ALIGN="left" VALIGN="bottom" ><A HREF="x147.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="80%" ALIGN="center" VALIGN="bottom" ></TD ><TD WIDTH="10%" ALIGN="right" VALIGN="bottom" ><A HREF="x155.html" ACCESSKEY="N" >Next</A ></TD ></TR ></TABLE ><HR ALIGN="LEFT" WIDTH="100%"></DIV ><DIV CLASS="SECT1" ><H1 CLASS="SECT1" ><A NAME="AEN150">17. Review security.</H1 ><P >(Sigh...) When I wrote this, this step was important but not crucial; the Internet was a friendlier place even in 1996 than it is today. Now, if your machine has Internet access, this step is utterly vital, and there are whole books devoted to getting it right; I can do nothing more here than offer a few very basic pointers: </P ><P >Check file permissions and directory permissions to be sure that access is neither too restricted nor too easy. I find that Slackware tends to lean toward a more open environment than I like, so I go around changing 755's to 711's for binaries in the .../bin directories and stuff like that. Or even 700's in the .../sbin ones. Especial care is needed if you've carried over ftp, telnet or web servers; but then, if you were running those, you probably thought of that already. :) </P ><P >Look at /etc/inetd.conf or /etc/xinetd.conf and make sure you're not running any Internet services you don't need to. Also go through the boot scripts in /etc/rc.d and friends for the same purpose. Check your firewall rules if your box is an Internet gateway or has Internet access. </P ></DIV ><DIV CLASS="NAVFOOTER" ><HR ALIGN="LEFT" WIDTH="100%"><TABLE SUMMARY="Footer navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" ><A HREF="x147.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="index.html" ACCESSKEY="H" >Home</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" ><A HREF="x155.html" ACCESSKEY="N" >Next</A ></TD ></TR ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" >Restore the stuff from the backups you made earlier.</TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" > </TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" >Enable logins.</TD ></TR ></TABLE ></DIV ></BODY ></HTML >