Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
My question is simple but very important for me ...... I want to harden our Linux RH 9.0 machine ......Please tell me some good procedures to make it more secure than it is ......... I m not in search of any new security software to install .....just the precautionary steps .........
If you need some more information ....plz let me know . Thanx in advance . Bye .
Hi Masand ,
Actually this linux is currently used for database purpose ....for storing data .
So we need not have any other things activated in it ..... . And we need to secure it and dont want unauthorised access in it ....in case any such thing is happening in the backgrounf then we should get notice of it immediately ...... .
Stuff that makes a machine more secure ....... ANything else you want budyy ??
Strip out any programs or services that you don't need.
Search for suid or guid programs.
I don't have red hat but you may have a program which checks for file changes and permission problems. Monitor the log output of this program to catch potential problems before a hacker does.
I read a book on setting up linux servers, and I was surprised how stripped down ( program-wise ) the system was. If you have only the binaries needed to run the server, it would be easier to do things like making a list of the md5sums of the files, so if you think you may have been hacked, you can check if any files are altered.
Be sure you don't have wireless devices on your network. Pros can pick up network traffic in an office from miles away.
Some people have a direct cross-over connection to another computer which receives the logs. Hackers will try to cover their tracks by altering the logs. Keeping the logs on a seperate computer not on the network makes that harder.
You might want to pick up a book such as 'Firewalls and Internet Security'.
Besides protecting the database from attack you also need to protect propriety information in the database itself. That means that you need to consider security of each workstation also, and network security overall.
Check the password policy of your network. Do the passwords need to meet a minimum criterian before a password change is accepted. I read that the most common way that professional hackers ( industrial spying ) obtain passwords is to pose as someone from the companies IT department.
1.) download the bastille-linux rpm... should be on their main page.
2.) go to this page http://www.bastille-linux.org/perl-rpm-chart.html
3.) You'll need the modules listed under Red Hat 9.0
4.) The links for ATrpms are broken, but this URL will give you what you need. Only download the ones that were suggested from the bastille-linux consulting table. http://atrpms.net/dist/rh9/
so all together you should have:
perl-Tk from ATRPM AND ATRPMS package (Graphifical)
perl-Curses from SuSE (Text-Console)
Once you have these, put them all in the same folder and as root run:
rpm -ivh *.rpm
Then just run:
and you're good to go
Bastille-Linux will ask you a bunch of questions about what services you want to run. When you're done you'll have a fortified Linux system.