X starting at startup

Scott plug-discuss@lists.plug.phoenix.az.us
Wed, 23 Oct 2002 20:54:29 -0700 (MST)


On Wed, 23 Oct 2002, George Toft wrote:

> William Lindley wrote:
> > 
> > On Wed, 23 Oct 2002, Mike Starke wrote:
> > > If it is a server, why have X installed?
> > 
> > in general, is it still considered a Bad Idea to run X on a server,
> > despite all the easy graphical administration tools, Kups for printers
> > just to name one?
> > 
> > "Don't run X on a server" seems a kinda mid-'90s attitude, or am I wrong?
> > 
> > \\/
> > 
> 
> 
> 
> Not running X on a server goes along with "Remove unnecessary
> services."  The more software you load up on a server, the more
> opportunities abound to compromise it.  Remember, according to the FBI
> (in a report I did a while ago), 85% of all attacks came from within the
> company's walls.  My company just fired someone from Network Security
> for hacking a server.
> 
> George
> 
> 
heh!  He (She?) should come work for my company.  I was ( <-- note the 
keyword) recently the Mgr of IS Security who was assigned all kinds of
responsibilities.  The AVP of IS (my boss) then proceeded to cut me off 
at the knees by telling me I could not spend any money, hire any 
expertise, had responsibility - but no authority (this was implied), 
etc.  

Based on some recent happenings - someone figured out how to install an 
unauthorized proxy server that bypassed all security checks - they wouldn't 
have a thing to worry about, as it most likely would never be noticed.

back on topic, kind of - yes, do remove all unnecessary programs, 
utilities, etc.  Also, you should check to see what is suid, sgid and what
file/directory permissions are and fix as necessary.

scott
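
The suid/sgid and permission check suggested in the message above, as an added example that is not part of the original thread: it lists setuid/setgid files that are missing from an approved baseline, and world-writable files and non-sticky directories. The function names and the baseline format (one approved path per line) are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit special permission bits under a directory tree.
# Function names and the baseline-file format (one approved path per line)
# are assumptions for this example, not anything from the thread.

# List regular files with the setuid (4000) or setgid (2000) bit set.
find_special_bits() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null | sort
}

# List world-writable files, plus world-writable directories that lack the
# sticky bit (1000), where any user can delete or replace others' files.
find_world_writable() {
    {
        find "$1" -xdev -type f -perm -0002 -print
        find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print
    } 2>/dev/null | sort
}

# Print setuid/setgid files under $1 that are not listed in baseline file $2.
unapproved_special_bits() {
    find_special_bits "$1" | while IFS= read -r path; do
        grep -Fxq -- "$path" "$2" || printf '%s\n' "$path"
    done
}

# Run as: sh audit.sh DIR [BASELINE]   (an empty baseline flags everything)
if [ "$#" -ge 1 ]; then
    echo "== setuid/setgid files not in baseline =="
    unapproved_special_bits "$1" "${2:-/dev/null}"
    echo "== world-writable files and non-sticky directories =="
    find_world_writable "$1"
fi
```

Each flagged setuid/setgid file is either added to the baseline after review or has the bit removed with `chmod u-s` / `chmod g-s`; `-xdev` keeps the scan on one filesystem, so run it once per mounted filesystem.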