LinuxQuestions.org
Old 12-31-2013, 10:03 AM   #1
hitest
Senior Member
 
Registered: Mar 2004
Location: Prince Rupert, B.C., Canada
Distribution: Slackware, OpenBSD
Posts: 4,283

Infected Home Directory (OT)


Quote:
Originally Posted by unSpawn View Post
First of all any action (and that includes wiping disks and re-installing the OS or any SW) without determining the cause first is inefficient and may well expose loopholes (if any) again. (That doesn't mean you shouldn't move to mitigate if a breach of security is suspected!)
I am glad that I recommended that the OP make sure that he is rooted before doing a wipe. Determining the root cause of an anomaly makes sense to prevent the event from reoccurring (thanks for that!). For a lot of us who are not professional system administrators (like me) determining the root cause of an anomaly will be a daunting task. I do try to prevent mishaps by patching my systems and having software and hardware firewalls in place.
As the maintainer of rkhunter and a security professional do you have any further (beyond what you mentioned) tips on how to harden a system?
Thanks in advance for any and all suggestions, links, and advice unSpawn. I am genuinely curious.
 
Old 12-31-2013, 10:47 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,810
Blog Entries: 54

Quote:
Originally Posted by hitest View Post
I do try to prevent mishaps by patching my systems and having software and hardware firewalls in place.
Good, good...


Quote:
Originally Posted by hitest View Post
(..) do you have any further (beyond what you mentioned) tips on how to harden a system?
I'm sorry but that would deviate from the topic of this thread. You're invited to open a new thread for that topic.

Last edited by unSpawn; 12-31-2013 at 10:55 AM. Reason: //Fix missing vBB quote tag.
 
1 members found this post helpful.
Old 12-31-2013, 10:52 AM   #3
hitest
Senior Member
 
Registered: Mar 2004
Location: Prince Rupert, B.C., Canada
Distribution: Slackware, OpenBSD
Posts: 4,283

Original Poster
Quote:
Originally Posted by unSpawn View Post
I'm sorry but that would deviate from the topic of this thread. You're invited to open a new thread for that topic.
Thank you, unSpawn. I will do that.
 
Old 12-31-2013, 02:48 PM   #4
ReaperX7
Senior Member
 
Registered: Jul 2011
Location: California
Distribution: LFS-7.6, Slackware 14.1, FreeBSD 10.1
Posts: 3,851
Blog Entries: 15

Proper system hardening involves many steps, but they're mostly common sense security tactics. Here's some I know of...

1. Implement a Host Intrusion Detection System like Samhain to notify you of attacks.

2. Set up a proper Stateful Packet Inspection and Filtering Firewall and tune it for specific ports and applications.

3. Set up a Secondary login account for Root and use strong passwords at least 14+ characters in length. Try to limit SSH and Telnet to non-root accounts if possible.

4. Use sudo or Superuser to access root through a user account with proper permissions.

5. Set up a proper Rootkit, Malware, and Virus scanner and keep it updated. Scan regularly and keep track of the scans.

6. Keep track of security alerts with packages and update as needed.

7. Lock down root. Prevent root logins from your Display Manager. KDM has a built in system for this.

8. Segregate /home to its own partition if necessary and use a separate /boot partition excluded from being auto mounted with fstab.

9. Backup your data files regularly.

10. Use script and ad blockers in web browsers, limit Flash and Java usage to user accounts. If necessary, don't install either.

There are dozens of other tips as well, but these are just common sense. In fact Common Sense is your best ally when securing your system. Use it regularly and wisely.

Last edited by ReaperX7; 12-31-2013 at 02:51 PM.
 
1 members found this post helpful.
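
Items 3 and 8 of the checklist in the post above can be checked mechanically. The script below is an added example, not code from the thread or from any poster; the function names are illustrative, the sample sshd_config and fstab are constructed, and it reads a single sshd_config file without following Include directives.

```shell
#!/bin/sh
# Added example: audit checklist items 3 (no root over SSH) and 8 (/home and
# /boot layout). Function names are illustrative; sample files are constructed.

# Effective global PermitRootLogin. sshd keeps the first value it reads, so
# stop at the first hit; a Match block ends the global section.
sshd_root_login() {
    awk 'tolower($1) == "match" { exit }
         tolower($1) == "permitrootlogin" { print tolower($2); hit = 1; exit }
         END { if (!hit) print "unset" }' "$1"
}

# Mount options (4th fstab field) for mount point $2, or "absent".
fstab_opts() {
    awk -v mp="$2" '$1 !~ /^#/ && $2 == mp { print $4; hit = 1; exit }
                    END { if (!hit) print "absent" }' "$1"
}

# True if the comma-separated option list $1 contains option $2.
has_opt() { case ",$1," in *",$2,"*) return 0 ;; *) return 1 ;; esac; }

# Print one PASS/WARN/FAIL line per check for the given sshd_config and fstab.
audit() {
    root=$(sshd_root_login "$1"); boot=$(fstab_opts "$2" /boot)
    case "$root" in
        no)    echo "PASS ssh: root login disabled" ;;
        unset) echo "WARN ssh: PermitRootLogin unset, built-in default applies" ;;
        *)     echo "FAIL ssh: PermitRootLogin $root" ;;
    esac
    if [ "$(fstab_opts "$2" /home)" = absent ]; then
        echo "WARN home: /home is not a separate filesystem"
    else
        echo "PASS home: /home has its own fstab entry"
    fi
    if [ "$boot" = absent ]; then echo "WARN boot: no separate /boot entry"
    elif has_opt "$boot" noauto; then echo "PASS boot: /boot is noauto"
    else echo "FAIL boot: /boot is mounted automatically ($boot)"
    fi
}

SAMPLE_DIR=$(mktemp -d)   # constructed input; use the real /etc files on a host
printf '%s\n' 'Port 22' '#PermitRootLogin no' 'PermitRootLogin yes' \
    > "$SAMPLE_DIR/sshd_config"
printf '%s\n' '/dev/sda1 /boot ext2 defaults 1 2' '/dev/sda2 / ext4 defaults 1 1' \
    '/dev/sda3 /home ext4 defaults,nosuid,nodev 1 2' > "$SAMPLE_DIR/fstab"
audit "$SAMPLE_DIR/sshd_config" "$SAMPLE_DIR/fstab"
```

The commented-out `#PermitRootLogin no` in the sample is ignored, so the effective value is `yes`; a value that is left unset is reported as a warning because the built-in default differs between OpenSSH versions.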
Old 12-31-2013, 02:53 PM   #5
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,810
Blog Entries: 54

Quote:
Originally Posted by ReaperX7 View Post
Proper system hardening involves many steps, but
Why did you think I said going into hardening would deviate from the topic of that thread? Now I'm forced to prune off-topic posts to prevent further pollution of that thread.
 
Old 12-31-2013, 07:40 PM   #6
hitest
Senior Member
 
Registered: Mar 2004
Location: Prince Rupert, B.C., Canada
Distribution: Slackware, OpenBSD
Posts: 4,283

Original Poster
Sorry unSpawn. Marking this thread as solved. I would very much welcome your perspective in the Slackware hardening thread I recently started. If that interferes with your moderating duties I understand.
Happy New Year.
 
  

