about tmp partition security

M

MartijnHOS

Verified User
Joined
Jun 18, 2005
Messages
58
Location
Netherlands
Hello,

I have been reading about securing your tmp partition.
Like this topic http://www.hostgeekz.com/guides/Security/41/Securing_temp_drives.htm

But what if you already have got a tmp partition, all articles are about creating a new "partition".

What do i have to do? Is it just as simple to edit my fstab line:
/tmp ext3 default 1 2

in to:

/tmp ext3 loop,noexec,nosuid,rw 0 0

Kind regards,

Martijn
 
Operation not supported

when i try to execute command

dd if=/dev/zero of=tmpmnt bs=1024 count=500000
My Frebsd box says Operation not supported

I'm trying to secure my /tmp and /var/tmp directories

PLS help because i found in my crontabs this command:

/usr/sbin/cron[4464]: (apache) CMD (/var/tmp/irclordz/y2kupdate >/dev/null 2>&1)
and i see that my DA server waz hacked.

I try to run chkrootkit and rootkit hunter

rootkit hunter says everything is OK
but chkrootkit says bindshell INFECTED.

after cleaning and reboot chkrootkit says nothing found

Thank you
 
See my reply in the other thread in which you posted the same question and please refrain from posting the same post in multiple threads.

Thanks.

Jeff
 
tmp directory hardening!

Be sure to secure the directories /tmp, var/tmp and /dev/shm. Although this is not currently the panacea as a security measure, since there are XSS exploits that execute code directly from the script. So this today does not help much. But it is always good to take this step.

First of all:
Code: 
sudo cp /etc/fstab /etc/fstab.backup

At the end of the operation, remember to
Code: 
reboot
the server to apply the changes made to the /etc/fstab configuration file.

You can also use the following commands to see how they have mounted the filesystem on your OS:

Code: 
sudo blkid

Code: 
cat /etc/mtab | less

If you have more questions about it you can search for harden tmp in Google.

Regards.
 
Sorry. The correct command would be:

Code: 
sudo cp -R /etc/fstab /etc/fstab.backup

Regards.
 
Why are you replyingn to 12 year old posts? Please check post dates before upping ancient messages without any benefit.
 
You must log in or register to reply here.
Back
Top