LinuxQuestions.org
Old 09-22-2010, 01:22 AM   #1
Alnitak
LQ Newbie
 
Registered: Sep 2010
Location: Cairo
Distribution: Ubuntu 10.04LTS
Posts: 6

Looking for some security advice!


Hey slackers, fellow subgenius here.

Anyways, I'll tell this short story why this post is here, then the detail of my question. Bear with my mild rant.

Used slack back in 04-05 etc. And loved its ways. I felt like I was in control on a deeper level; however, (I'm not here to bash a different distro, but now that Ubuntu has become what it is, I honestly feel it's made me stupid in regards to the core of Linux control)

04-10 releases changed, and the OS kept getting a 'new' look. It just had the same name, and frankly, I've had enough of it. I kept that as short as possible from years of exposure to Ubuntu.. So...

I'm coming back to be a slackmaster and I'm sure Ivan Stang would be proud.

My initial question:

I am interested in some good OS lock down tips/urls, etc that can help me get back on my feet to a secure slack. I miss the days of my Bob Dobbs Screensaver, and I honestly feel like a nub again thanks to the other distro I mentioned.

Thanks again.

~A subgenius
 
Old 09-22-2010, 02:19 AM   #2
Daedra
Senior Member
 
Registered: Dec 2005
Location: Springfield, MO
Distribution: Slackware64-14.1
Posts: 1,222

You can use Alien Bob's Slackware firewall generator to make a firewall. It's really simple. After you have the firewall generated, you save it as "rc.firewall" in "/etc/rc.d" and make it executable using "chmod +x rc.firewall", and it will automatically be launched at bootup.

http://connie.slackware.com/~alien/efg/


And always follow security update packages from the official changelogs.
 
Old 09-22-2010, 02:33 AM   #3
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Linux Mint
Posts: 8,501

Some links
http://tldp.org/HOWTO/Security-HOWTO/
http://www.net-security.org/article.php?id=111
http://www.linuxsecurity.com/

Kind regards
 
Old 09-22-2010, 11:08 AM   #4
xj25vm
Member
 
Registered: Jun 2008
Posts: 262

I would like to add the following tutorial by Jeffrey Denton (I believe).

http://transamrit.net/docs/sysHardening/system-hardening-10.2.txt

It is a bit dense - and slightly out of date in places. But I found lots of useful little bits for tightening things up.
 
Old 09-22-2010, 12:19 PM   #5
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,285
Blog Entries: 54

Quote:
Originally Posted by xj25vm
and slightly out of date in places.
Since one line reads "Linux 2.4.32 Last login: Wed Jun 27 20:23:42 -0700 2001 on tty2", yeah, I'd say it's showing its age. I found it has
- no mention of 'sulogin' in /etc/inittab for runlevel S,
- change mode on cronjobs but no mention of /etc/cron.allow white-listing,
- /etc/rc.d/rc.local: would be easier to populate /etc/ethers with IP-MAC pairs then 'arp -f /etc/ethers' or something,
- /var/spool/cron/crontabs/root "Cron should mail the results to root.": root should be an alias in /etc/aliases to an unprivileged account a human reads. (Also see adding user accounts in /etc/mail/aliases instead of a single "root: jdenton" at the end),
- touch /etc/at.allow: "Don't allow anyone to use at.": no (security) reasons I know of why to deny select users to use 'at',
- /usr/sbin/httpd: if you use SSL then ensure you deny null and "weak" ciphers (and using a WAF like mod_security wouldn't be bad),
- /etc/login.defs: after you chown'd and chattr'd the hell out of the system, using "NO_PASSWORD_CONSOLE" is a nice way to weaken system security (FFS),
- "ifconfig eth0 mtu 68" (WTF?),
- it doesn't touch HIDS (Samhain, Aide, Integrit, whatever else) nor NIDS (Snort, Prelude, OSSEC), and
- its iptables rule set is almost nonexistent.

While it is not the most terse documentation around, and certainly not adapted to your distribution of choice, I think you could start with worse documents than the "Securing Debian" manual as checklist. Also it would be beneficial to take a baseline snapshot of a pristine installed OS and then run GNU/Tiger on it for local checks and say OpenVAS for remote ones (or whatever equivalent tool). This way you can test and compare qualitative changes in security posture which beats just following some recipe without testing results.
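
A local check for four of the items in the list above (sulogin for runlevel S, /etc/cron.allow, a root mail alias, NO_PASSWORD_CONSOLE), added here as an example and not part of the post above. The function names, the finding texts and the sample tree are constructed for illustration; the file paths are the ones the post names.

```shell
#!/bin/sh
# audit_root DIR: print one finding per line for the tree rooted at DIR
# (pass "" to check the live system). Finding texts are this example's own.
audit_root() {
    r="$1"
    # Runlevel S should run sulogin so single-user mode asks for a password.
    grep -Eqs '^[^#:]+:[^:]*S[^:]*:[^:]*:[^#]*sulogin' "$r/etc/inittab" ||
        echo "inittab: no sulogin entry for runlevel S"
    # The post asks for white-listing of crontab users via /etc/cron.allow.
    [ -f "$r/etc/cron.allow" ] ||
        echo "cron: /etc/cron.allow missing"
    # Root's mail should be aliased to an account a human reads.
    grep -Eqs '^root:[[:space:]]*[^[:space:]#]' \
        "$r/etc/aliases" "$r/etc/mail/aliases" ||
        echo "aliases: root mail is not aliased"
    # An uncommented NO_PASSWORD_CONSOLE line names consoles that need no password.
    if grep -Eqs '^[[:space:]]*NO_PASSWORD_CONSOLE' "$r/etc/login.defs"; then
        echo "login.defs: NO_PASSWORD_CONSOLE is set"
    fi
    return 0
}

# Constructed sample tree (not taken from a real host) with three of the gaps.
make_sample() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/etc/mail"
    printf '%s\n' 'id:3:initdefault:' 'su:1S:wait:/etc/rc.d/rc.K' > "$d/etc/inittab"
    printf '%s\n' 'root: alice' > "$d/etc/mail/aliases"
    printf '%s\n' 'NO_PASSWORD_CONSOLE tty1:tty2' > "$d/etc/login.defs"
    echo "$d"
}

# Demo run against the constructed tree.
sample=$(make_sample)
audit_root "$sample"
rm -rf "$sample"
```

Saving the output from the pristine install and comparing it with the output after each change gives the before/after comparison the post recommends.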
 
Old 09-22-2010, 02:22 PM   #6
onebuck
Moderator
 
Registered: Jan 2005
Location: Midwest USA, Central Illinois
Distribution: Slackware®
Posts: 11,201
Blog Entries: 3

Hi,

Welcome to LQ & Slackware!

Look at the 'Security' section of 'Slackware-Links'.

Just a few more useful links:

Slackware® Essentials
Slackware® Basics
Linux Documentation Project
Rute Tutorial & Exposition
Linux Command Guide
Bash Reference Manual
Advanced Bash-Scripting Guide
Linux Newbie Admin Guide
LinuxSelfHelp
Getting Started with Linux

The above links and others can be found at 'Slackware-Links'. More than just Slackware® links!
 
Old 09-22-2010, 10:36 PM   #7
Alnitak
LQ Newbie
 
Registered: Sep 2010
Location: Cairo
Distribution: Ubuntu 10.04LTS
Posts: 6

Original Poster
Thank you!

After a bit of tweaking and setups, it's up and running now. Thank you to you all, and the firewall is running great.

No issues, the slackware I remember.

Cheers!
 
  


All times are GMT -5.
