Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 02-03-2003, 10:55 PM   #1
LQ Newbie
Registered: Feb 2003
Posts: 1

Rep: Reputation: 0
Question NEW 2 RH ANYTHING, but Winx power user

target point: setting up server for shell accounts on IRC or other.
steps in process
1) installed RH 7.2 - tested online status - ok
2) ?? am thinking that updates or security messure is needed.*

new to RH or unix/linux, just install RH 7.2 and need to know the steps in making sure it secure and stable, new to envoiment, use to Windows platform, (*norm would fdisk/format/partition/install after install, OS and security updates then NAV or other anti-virus. then accounts).

3) hoping to get advice frm the Great Linux GOD.

thank you
am online most everynight till 3-4 am
Old 02-04-2003, 05:45 AM   #2
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,696

Rep: Reputation: 232Reputation: 232Reputation: 232
Making sure your system is secure is a long process and in fact it never stops...
What you should start from? A firewall (there are many iptables scripts examples posted to this site), for sure. Then browse the list of running services and turn off all you don't need. Make sure you've got all the security upgrades. Then check them from time to time...
Old 02-04-2003, 07:21 AM   #3
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594
Next to Mara's suggestions which I agree fully with IMO the most important thing is to become a user. Why? because the firewall won't stop users from trying to compromise the box. See what they got access to you wouldn't like them to have like for instance suid/sgid binaries, system configs (a shell user doesn't need to read lilo.conf or /etc/pam.d or /var/httpsd), compilers.

- hide/remove development stuff
- install the GRSecurity kernel patch: it allows for "Trusted Path Execution" which only means binaries outside designated $PATH can't be run (like mount -o ro,noexec,nodev,nosuid), has extensive audit caps like logging user activity (per group, per id) and protects your kernel against typical forms of buffer overflows. It also does ACL 's.
- focus on ulimits: (background) process/login/diskspace/cpu limits
- do look into logging to a remote syslogd
- focus on your fw's limiting. IRC boxen are DoS prone by nature.
- regularly trawl the system for bad stuff

//If you want more links about securing your box search the security forum, I post a list with basic references regularly.

HTH somehow.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
creating user account with root power linux_lover2005 Linux - Newbie 6 01-04-2007 12:51 AM
winx help BRC Linux - Software 1 11-11-2004 02:14 AM
vsftp power user RJL Linux - Software 0 07-21-2004 01:51 PM
samba 2.2..8 and winx pro terran2k Linux - Networking 2 07-18-2003 06:54 AM
winx cvs download N_A_J_M Linux - General 5 02-24-2003 06:09 AM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 06:19 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration