Greetings All,
I am running Apache on Red Hat version 6.2. I would like to secure this box as best as possible, since I already got hacked once. What are the general steps in securing a box that needs to serve pages, ftp, and pop? Thanks in advance! Mark |
Here are a few basic steps.
Turn off any services you do not need (comment out of inetd). Do not use wu-ftpd. Use ssh instead of telnet. Keep all packages up to date. Do not use wu-ftpd ;) You may also want to install somekind of IDS. |
Jeremy forgot a VERY important thing...don't use wu-ftpd!!! :P
|
Thanks!
Thanks folks, I also learned the following:
wget -m all the (50 or so) updates for redhat 6.2 and rpm -Uvi *.rpm when you are done 2) edit /etc/hosts.allow and put in a: ALL: *.your.domain some_management_machine_s_ip portmap: the same Just alittle tidbit. Mark |
All times are GMT -5. The time now is 08:31 PM. |