LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 06-08-2004, 08:06 AM   #1
brentos
Member
 
Registered: Nov 2003
Distribution: Fedora Core3, RHEL3,4
Posts: 92

Rep: Reputation: 15
Securing Server


Can anyone point me to a howto, well not really a howto just a list of things I should be doing or looking for when I am trying to secure a linux box so that it is safe from attack.
If you want to point me to specifics the box is RHE 3 but I only have ssh access it is a remote box so I don't get any of the gui config options that are suppose to make RHE easy to secure with the built in firewall

Any help will be appriciated, sites of our type have been getting hacked and on the last one the mainpage that was put in place said we were next. I am not to worried but you can never be to careful.
 
Old 06-08-2004, 10:40 AM   #2
Technoslave
Member
 
Registered: Dec 2003
Location: Northern VA
Posts: 493

Rep: Reputation: 30
chkconfig --list

Go through and disable all the junk you don't need...there's probably 80% of stuff that can be turned off for good that they have on by default for some reason.

From there it's just a matter of setting up iptables to disallow certain things, xwindow forwarding, some other junk.
 
Old 06-08-2004, 10:40 AM   #3
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
Have you taken a look at the security references thread here. It's a good place to start for info on general security and server hardening.
 
Old 06-08-2004, 10:48 AM   #4
brentos
Member
 
Registered: Nov 2003
Distribution: Fedora Core3, RHEL3,4
Posts: 92

Original Poster
Rep: Reputation: 15
Thanks a lot for the help
 
Old 06-08-2004, 10:57 AM   #5
brentos
Member
 
Registered: Nov 2003
Distribution: Fedora Core3, RHEL3,4
Posts: 92

Original Poster
Rep: Reputation: 15
Oh just a question, what should I turn off like is there some things I should really look for or not. And how do I turn them off? If its with chkconfig, just say so, i will read the man

Here is my listing if it will help you give me hints on what to take out

microcode_ctl 0:off 1:off 2:on 3:on 4:on 5:on 6:off
kudzu 0:off 1:off 2:off 3:off 4:on 5:off 6:off
syslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off
netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off
network 0:off 1:off 2:on 3:on 4:on 5:on 6:off
random 0:off 1:off 2:on 3:on 4:on 5:on 6:off
rawdevices 0:off 1:off 2:off 3:on 4:on 5:on 6:off
saslauthd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
cpanel 0:off 1:off 2:off 3:on 4:on 5:on 6:off
mdmonitor 0:off 1:off 2:on 3:on 4:on 5:on 6:off
atd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
irda 0:off 1:off 2:off 3:off 4:off 5:off 6:off
nscd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
psacct 0:off 1:off 2:off 3:off 4:off 5:off 6:off
isdn 0:off 1:off 2:on 3:off 4:on 5:on 6:off
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
ip6tables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
irqbalance 0:off 1:off 2:off 3:on 4:on 5:on 6:off
proftpd 0:off 1:off 2:on 3:on 4:off 5:on 6:off
smartd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
autofs 0:off 1:off 2:off 3:on 4:on 5:on 6:off
netdump 0:off 1:off 2:off 3:off 4:off 5:off 6:off
sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
nfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off
nfslock 0:off 1:off 2:off 3:off 4:off 5:off 6:off
snmptrapd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
rhnsd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off
xinetd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
cups 0:off 1:off 2:off 3:off 4:off 5:off 6:off
snmpd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
ntpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
xfs 0:off 1:off 2:on 3:on 4:on 5:on 6:off
dc_client 0:off 1:off 2:off 3:off 4:off 5:off 6:off
winbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off
dc_server 0:off 1:off 2:off 3:off 4:off 5:off 6:off
aep1000 0:off 1:off 2:off 3:off 4:off 5:off 6:off
bcm5820 0:off 1:off 2:off 3:off 4:off 5:off 6:off
squid 0:off 1:off 2:off 3:off 4:off 5:off 6:off
named 0:off 1:off 2:off 3:off 4:off 5:off 6:off
tux 0:off 1:off 2:off 3:off 4:off 5:off 6:off
bandmin 0:off 1:off 2:on 3:on 4:on 5:on 6:off
rlx-runctl 0:off 1:off 2:on 3:on 4:on 5:on 6:off
rlx-agentd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
mdmpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
chkservd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
mysql 0:off 1:off 2:on 3:on 4:on 5:on 6:off
portsentry 0:off 1:off 2:off 3:on 4:on 5:on 6:off
ipaliases 0:off 1:off 2:on 3:on 4:on 5:on 6:off
filelimits 0:off 1:off 2:on 3:on 4:on 5:on 6:off
spamassassin 0:off 1:off 2:off 3:off 4:off 5:off 6:off
antirelayd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
exim 0:off 1:off 2:on 3:on 4:on 5:on 6:off
xinetd based services:
pop-3: on
ntalk: on
talk: on
telnet: on
bpcd: on
cpimap: on
vnetd: on
vopied: on
bpjava-msvc: on
krb5-telnet: off
imap: off
imaps: off
ipop2: off
ipop3: off
pop3s: off
eklogin: off
gssftp: off
klogin: off
kshell: off
rsync: off

Last edited by brentos; 06-08-2004 at 11:00 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Securing new samba server Hans Zilles Linux - Security 1 11-08-2005 06:40 PM
securing vnc server on RH juanb Linux - General 2 09-08-2005 07:31 AM
Securing DNS Server Comatose51 Linux - Security 3 03-13-2005 12:49 AM
Setting up and securing a linux server my-unix-dream Linux - Security 7 06-22-2004 07:19 PM
securing a redhat 6.1 server JustinHoMi Linux - Security 4 07-19-2002 01:50 AM


All times are GMT -5. The time now is 10:11 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration