trying to setup a perfectly safe linux (fwd)

Gorkem Cetin (e077245@orca.cc.metu.edu.tr)
Fri, 6 Sep 1996 16:28:00 +0400 (MEDT)


---------- Forwarded message ----------
Date: Fri, 6 Sep 1996 08:42:45 +0200 (GMT+0200)
From: Teodor Iacob <theo@lbi.sfos.ro>
To: John Walker <john@bmtsinc.com>
Cc: The Olympian God <hermes@eexi.gr>,
Linux administrators list <linux-admin@vger.rutgers.edu>
Subject: Re: trying to setup a perfectly safe linux

Now I'll write you guys a list of what you have to do for a secure linux:

First find / -perm +4000 > suids..
Try to keep only the suids that you have to use.
The following suids have bugs..:
/bin/mount /bin/umount
/sbin/dip-3.3.7n-uri
/usr/bin/sperlx.xxx
/usr/bin/sliplogin
There are other bugs in network daemons that run as root!
: in.telnetd --> exploit libroot
Solution: Install shadow and put login-static as your /bin/login.
: in.rlogind You had better comment it out in /etc/inetd.conf.
Also the finger daemon can be a problem, especially if you use cfingerd
that creates a log file in every home directory as root!, and it is too simple
to make a link to a very important file and you destroy it.
If you really want to have an ftp site you have got to not allow real users,
and not allow uploading.
If you use telnet for logging on to your system do it only from a
localnet, because telnet is not an encrypted communication and your password
passes free on the network. Try to install a firewall (ipfwadm for example).

Try to restrict network daemons that run on your Linux ..
You can comment out 80% of the lines in /etc/inetd.conf
You can have only sendmail httpd in.telnetd.
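
Added example, not part of the original message: a small audit script for the two checks in the list above, reporting set-uid files that are not on an allowlist and inetd.conf services that are still enabled but not wanted. The allowlist path /etc/suid.allow, the "telnet" service list and the sample inetd.conf lines are assumptions made for illustration; the script uses `-perm -4000` because current GNU find no longer accepts the `+4000` form.

```sh
#!/bin/sh
# Added example. Allowlist contents and the /etc/suid.allow path are assumptions.

# Print set-uid files under directory $1 that are not listed (one absolute
# path per line) in allowlist file $2. "-perm -4000" means "set-uid bit set";
# -xdev stays on one filesystem, so repeat the call for each local mount.
suid_not_allowed() {
    find "$1" -xdev -type f -perm -4000 2>/dev/null | sort |
    while IFS= read -r f; do
        grep -Fxq -- "$f" "$2" || printf '%s\n' "$f"
    done
}

# Print "service user server" for each enabled (uncommented) entry of the
# inetd.conf-format file $1 whose service name is not in the list $2.
inetd_not_allowed() {
    awk -v allow="$2" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /^[ \t]*(#|$)/ { next }                  # commented out or blank
        NF >= 6 && !($1 in ok) { print $1, $5, $6 }
    ' "$1"
}

case "${1:-}" in
--demo)  # constructed inetd.conf sample, not taken from a real host
    tmp=$(mktemp)
    cat > "$tmp" <<'EOF'
telnet  stream  tcp  nowait  root    /usr/sbin/tcpd  in.telnetd
#login  stream  tcp  nowait  root    /usr/sbin/tcpd  in.rlogind
finger  stream  tcp  nowait  root    /usr/sbin/tcpd  in.cfingerd
EOF
    inetd_not_allowed "$tmp" "telnet"
    rm -f "$tmp" ;;
--host)  # run as root on the machine being checked
    suid_not_allowed / /etc/suid.allow
    inetd_not_allowed /etc/inetd.conf "telnet" ;;
esac
```

Every line it prints is either a set-uid binary to review or remove, or an inetd entry to comment out.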