[CentOS] CleanLog.h

Fri Nov 30 23:40:34 UTC 2007
Amos Shapira <amos.shapira at gmail.com>

On 30/11/2007, Evans F. Mitchell KD4EFM / AFA2TH / WQFK-894
<kd4efm at kd4efm.org> wrote:
> By any chances, have you ran 'ps ax' from root and looked
> to see what does not look like it should be there??
>
> IF you are willing, paste your 'ps' output for us to
> help you find the program that is running and sending out
> the emails.
>
> also review your sendmail rule set.
> Next, to help lock down your server a little more
> make sure you have set a password on your VNC.

Tunnel your VNC over SSH (or SSL?).
See http://en.wikipedia.org/wiki/Virtual_Network_Computing#Security
about how insecure is the VNC protocol.

> I had and Italian 17 year old poking around one
> of my Amateur Radio boxes via VNC, simply cause I
> forgot to set a vnc password, so it was wide open
> like a windoz server box without a login screen,
> you know, the good old "I AM OPEN FOR YOUR PLEASURES..."
>
> Also change your sshd, the port it is on, and do a rule
> set that only allows a specific ip to access it.

That's a good advise. I have yet to see my non-standard sshd server
scanned since I changed  it over 3-4 years ago. Same with a private
http server.

> I think I am correct saying you can do that as well with VNC.

See above - the VNC protocol is not secure on its own, but you can
tunnel it over secure protocols.

>
> The other option would be to stop the service all together
> IF your not needing it.

Of course. That's up in the top ten commandments - stop any service
(and remove any package, I would add) that you don't need on the
server.

--Amos