[CentOS] Hardening CentOS by removing "hacker" tools

Matt Shields mattboston at gmail.com
Sat Jun 7 00:03:49 UTC 2008

On Fri, Jun 6, 2008 at 7:54 PM, Luke S Crawford <lsc at prgmr.com> wrote:
> "Filipe Brandenburger" <filbranden at gmail.com> writes:
>> My boss asked me to harden a CentOS box by removing "hacker" tools,
>> such as nmap, tcpdump, nc (netcat), telnet, etc.
> Removing network tools does not make it harder to break into the box,
> however, it can make it harder to do something with it once you are in.
> removing those tools might help keep an infection from spreading, but it
> wont protect the box itself.  (also, just installing the programs just
> means that if your box get compromised, the hacker needs to install
> some new packages.  Not difficult, even without root-  the attacker
> can install to the compromised user homedir.)

But removing networking would :)


More information about the CentOS mailing list