LinuxQuestions.org
Old 11-12-2002, 05:23 PM   #1
Paradox
LQ Newbie
 
Registered: Nov 2002
Posts: 4

Rep: Reputation: 0
Fresh Install... Now what ?


Well, I don't know if this belongs in the Newbie forum, so I apologize ahead of time if it does.

I am not familiar with Linux Security measures, so is there anything I should do after installing Mandrake 9 to make sure I'm secure ? I have no idea if it's solid right away or not.
(Anyone know where any tutorials/manuals on the subject can be found?)

Thanks ahead of time.
 
Old 11-12-2002, 06:23 PM   #2
Thymox
Senior Member
 
Registered: Apr 2001
Location: Plymouth, England.
Distribution: Mostly Debian based systems
Posts: 4,368

Rep: Reputation: 64
If you're not connecting through a firewall (i.e. you have a direct modem connection), then I would suggest that you at least put the Mandrake default firewall in place. You can do this by going to the Mandrake Control Center and enabling firewalling. As for tutorials and manuals... there are bloody hundreds! Security is a very big area in the computer industry, and a lot of the documentation will be high-level stuff...
 
Old 11-12-2002, 06:32 PM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
No, the forum choice is excellent I'd say.

First thing is to make a "baseline fingerprint" of all the binaries you've got on your box using Aide, Tripwire, Samhain or similar.
Next you've got to decide what to use the box for, and minimize risk due to exposure, meaning ditch any apps you won't be using *now* (so that excludes apps with reasons like "dunno what it's for but it must be useful", "I'll look into it" or "I'm sure *gonna* use it"). You can always install later.

If this box will be a server box, ditch GUI stuff like X11, Gnome, KDE, gcc and any daemons you will not be running to minimize risks further.

If this box will be a shell-server box, you will want to look into curbing risks due to users trying to exploit weaknesses.

In any case activate a firewall script if you didn't already, disable running daemons you don't need, run OpenSSH to get remote access and run Bastille as Mandy comes with it IIRC.

All of this preferably *before* you get it hooked up to the network :-]

I'll tack on my reference list as usual, please ask if something ain't clear.

Basic references:
- AUSCERT UNIX Computer Security Checklist (Version 1.1) www.cert.org/tech_tips/AUSCERT_checklist1.1
- Steps for Recovering from a UNIX or NT System Compromise www.cert.org/tech_tips/root_compromise.html
In fact read the whole of http://www.cert.org/tech_tips/
- The CIT Computer Security Handbook: www.cit.nih.gov/security/handbook.html
- Aging stuff from Phrack, good to read back to be sure, like "Unix System Security Issues" www.fc.net/phrack/files/p18/p18-7.html
- SEI stuff like www.sei.cmu.edu/publications/lists.html handling IDS
- Intrusion Detection and Network Auditing on the Internet www.infosyssec.net/infosyssec/intdet1.htm

Top it off with some reading material on security:
- Security tips: www.cert.org/tech_tips/ and www.cert.org/security-improvement/, http://www.securityportal.com/resear...xsecurity.html
- Top ten vulnerabilities: www.sans.org/topten.htm and http://www.cert.org/present/cert-ove...ends/index.htm
- Firewalling: www.infosyssec.net/infosyssec/firew1.htm, www.linux-firewall-tools.com/linux/
- Securing Xwindows: http://www.uwsg.indiana.edu/usail/ex...d/xsecure.html

Basic Linux references:
http://www.sans.org/infosecFAQ/linux/linux_list.htm
- The SANS Reading room: Linux issues (used Google's cache),
- the LASG or Linux Administrator's Security Guide,
- Securing Optimizing Linux RH Edition(1),
- Linux Security HOWTO,
*Linuxsecurity.com have a Quickreference pdf card.
Post-Installation Security Procedures (Linuxjournal)
- Security Quick-Start HOWTO for Linux,
- The Linux-PAM System Administrators' Guide
- Armoring Linux,
- A Short Course on Systems Administration and Security Under Unix(1)
- SAG: The Linux System Administrator's Guide,
- Basics on firewalling: www.linuxdoc.org/HOWTO/Firewall-HOWTO.html
- Basic introduction to building ipchains rules: www.linuxdoc.org/HOWTO/IPCHAINS-HOWTO.html
- Explanation of the Ipchains logformat: logi.cc/linux/ipchains-log-format.php3
- Ipchains log decoder: dsl081-056-052.dsl-isp.net/dmn/decoder/decode.php
- The Iptables HOW-TO: http://people.unix-fu.org/andreasson/index.html
- LQ notes on Linksys security: http://www.linuxquestions.org/questions/showthread.php?postid=157007#post157007
Neohapsis archives: http://www.neohapsis.com
Linux Gazette: http://www.linuxgazette.com
Experts exchange: http://www.experts-exchange.com
Linuxsecurity.com, SecurityFocus.com
Matt's Unix Security Page: http://www.deter.com/unix/
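
The "baseline fingerprint" step from post #3, sketched as an added example (not part of the original thread, and not how Aide, Tripwire or Samhain are implemented): it records a SHA-256 for every file under a directory and later reports what was added, changed or removed. The function names `baseline_create` and `baseline_check` are hypothetical, and `sha256sum` from GNU coreutils is assumed.

```shell
#!/usr/bin/env bash
# Added example: a minimal file-integrity baseline. It is not AIDE, Tripwire
# or Samhain; it only shows the record-then-compare idea behind them.

# baseline_create DIR OUTFILE
# Record a SHA-256 for every regular file under DIR, sorted by path.
# Keep OUTFILE outside DIR so the baseline does not hash itself.
baseline_create() {
    local dir="$1" out="$2"
    ( cd "$dir" && find . -type f -exec sha256sum {} + | LC_ALL=C sort -k2 ) > "$out"
}

# baseline_check DIR BASELINE
# Re-hash DIR and print one line per difference (ADDED, CHANGED, REMOVED).
# Returns 0 when nothing differs, 1 when something does, 2 on setup failure.
baseline_check() {
    local dir="$1" base="$2" now changes
    now=$(mktemp) || return 2
    baseline_create "$dir" "$now" || { rm -f "$now"; return 2; }
    # sha256sum lines are: 64 hex digits, two separator characters, the path.
    changes=$(awk '
        FILENAME == ARGV[1] { old[substr($0, 67)] = substr($0, 1, 64); next }
        {
            path = substr($0, 67); sum = substr($0, 1, 64)
            if (!(path in old)) print "ADDED " path
            else { if (old[path] != sum) print "CHANGED " path; delete old[path] }
        }
        END { for (path in old) print "REMOVED " path }
    ' "$base" "$now" | LC_ALL=C sort)
    rm -f "$now"
    [ -z "$changes" ] && return 0
    printf '%s\n' "$changes"
    return 1
}
```

Take the baseline before the box goes on the network and keep the output file off the machine or on read-only media, since a baseline that can be rewritten on the box itself cannot be trusted after a compromise.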
 
Old 11-12-2002, 06:34 PM   #4
JStew
Member
 
Registered: Oct 2002
Location: North Atlanta
Distribution: LFS
Posts: 229

Rep: Reputation: 30
Yes, a firewall is always a good thing even on a Linux machine, especially if you have a dedicated 24/7 connection to the internet. Lots of people out there that run the gamut from serious cracker who scans a whole block of IP addresses looking for a certain port that he/she specializes in exploiting to the script kiddie in IRC rooms that is bored and/or wanting to prove himself.

It's good you have Mandy. If I'm not mistaken, Bastille comes with the distro. It is one of the easiest firewall programs to configure. You'll open up a shell, change to root then run: InteractiveBastille
You'll be asked a series of questions, you answer them and then save your selections and the appropriate config files will be set up according to what you tell it. It is also very handy if you plan on doing NAT for internet sharing with other computers you might have lying around. Just make sure you have iptables installed.

Good luck.
 
Old 11-12-2002, 08:00 PM   #5
Paradox
LQ Newbie
 
Registered: Nov 2002
Posts: 4

Original Poster
Rep: Reputation: 0
Wow, they weren't kidding when they say the Linux community is the most generous.

Looks like I have a lot of reading to do... Thanks everyone for all the tips and that huge list of resources (unSpawn).
 
  

