LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-03-2003, 11:55 PM   #1
ZeeKAlphA
LQ Newbie
 
Registered: Feb 2003
Posts: 1

Rep: Reputation: 0
Question NEW 2 RH ANYTHING, but Winx power user


target point: setting up server for shell accounts on IRC or other.
steps in process
1) installed RH 7.2 - tested online status - ok
2) ?? am thinking that updates or security messure is needed.*

new to RH or unix/linux, just install RH 7.2 and need to know the steps in making sure it secure and stable, new to envoiment, use to Windows platform, (*norm would fdisk/format/partition/install after install, OS and security updates then NAV or other anti-virus. then accounts).

3) hoping to get advice frm the Great Linux GOD.

thank you
ZeeKAlphA
zeekalpha@hotmail.com
zeek@sysascend.com
am online most everynight till 3-4 am
 
Old 02-04-2003, 06:45 AM   #2
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,580

Rep: Reputation: 191Reputation: 191
Making sure your system is secure is a long process and in fact it never stops...
What you should start from? A firewall (there are many iptables scripts examples posted to this site), for sure. Then browse the list of running services and turn off all you don't need. Make sure you've got all the security upgrades. Then check them from time to time...
 
Old 02-04-2003, 08:21 AM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,361
Blog Entries: 55

Rep: Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547Reputation: 3547
Next to Mara's suggestions which I agree fully with IMO the most important thing is to become a user. Why? because the firewall won't stop users from trying to compromise the box. See what they got access to you wouldn't like them to have like for instance suid/sgid binaries, system configs (a shell user doesn't need to read lilo.conf or /etc/pam.d or /var/httpsd), compilers.

- hide/remove development stuff
- install the GRSecurity kernel patch: it allows for "Trusted Path Execution" which only means binaries outside designated $PATH can't be run (like mount -o ro,noexec,nodev,nosuid), has extensive audit caps like logging user activity (per group, per id) and protects your kernel against typical forms of buffer overflows. It also does ACL 's.
- focus on ulimits: (background) process/login/diskspace/cpu limits
- do look into logging to a remote syslogd
- focus on your fw's limiting. IRC boxen are DoS prone by nature.
- regularly trawl the system for bad stuff

//If you want more links about securing your box search the security forum, I post a list with basic references regularly.

HTH somehow.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
creating user account with root power linux_lover2005 Linux - Newbie 6 01-04-2007 01:51 AM
winx help BRC Linux - Software 1 11-11-2004 03:14 AM
vsftp power user RJL Linux - Software 0 07-21-2004 02:51 PM
samba 2.2..8 and winx pro terran2k Linux - Networking 2 07-18-2003 07:54 AM
winx cvs download N_A_J_M Linux - General 5 02-24-2003 07:09 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 04:51 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration