Security checklist

Dogit · 02-23-2005, 02:13 PM

Hello,To all

Just trying to be on the safe side here.
please have a look if there is some other
item/items that anyone thinks i should add
please just say so

well so far here it is

Snort

Tripwire

Iptables

F-prot | Anti

Rkhunter

Chkrootkit

Root pass to = 10

Note: this is before i go online to do a full update
of Suse9.0 Pro

there it is Pros see something i should drop or
add just say so well that's it for now

Thank you

Matir · 02-23-2005, 02:33 PM

Did you disable any unneeded services? There's a lot more that COULD be done, but you seem to have gotten the major points down. Check all user accounts are either disabled or have secure passwords.

Dogit · 02-23-2005, 02:58 PM

Hello,Matir

First thanks for taking the time to reply no
i,am stell trying to find this type of info. not
sure what to keep or stop could you maybe

please give me a head's up on this
what should i keep from running on
this Suse & how do i go about doing it

OPPs sorry when you say this here

Check all user accounts are either disabled or have secure passwords.

it's just me on all my puters so as long as i
have a password for my root & user name
i should be ok Yes/No

Thank you

nex6 · 02-23-2005, 05:29 PM

There are alot of pretty good Linux and Unix based security guides out there like:

http://www.cert.org/tech_tips/usc20_full.html

other things to remember is:

1 fully patch

2 remove any not used services

3 correctly setup all services (like NFS, samba etc)

4 host based firewall and control access with tcp_wrappers and other access controls to the services

5 good practices, like not using root all the time,

6 consider SElinux, for mandotroy access control if you want to really be parinoid and have the time to mess with it / learn it.

I should give you a start.

-Nex6

Dogit · 02-23-2005, 07:33 PM

Hi,nex6

I thank you as well for your time & for the link
i will have a look at it as soon as i. do some other
things i started boy this is hard work but i like this
linux

Thank you

peacebwitchu · 02-24-2005, 12:45 PM

You might want to install a logchecker like logwatch etc... Keep a copy of the tripwire database on read only media. If you are using ssh disallow root from being able to login. Remote syslog is easy to setup if you have multiple machines.
Restrict su to only members of the wheel group.

Dogit · 02-25-2005, 02:38 PM

Hi,peacebwitchu

Wow sorry for this late reply trying
to get a ton of things. done at once

man i love this linux stuff & will be
going to Suse9.2 Pro this week

thanks for the info

Great day