Quote:
Originally Posted by hack3rcon
I know it is Odd but I don't like to have a default username in my system.
|
...which in the scheme of things means literally
nothing. It would have been better / more efficient if you would have showed us what hardening you already have applied so we could efficiently correct and add to that.
Quote:
Originally Posted by hack3rcon
Can anyone show me some quick guide about securing linux more?
|
- Determine the location, type and purpose of the machine because that dictates which security documentation you will need to read.
- Start with your Linux distributions user, admin and security documentation and apply. (For example if you use Debian you could start with
this, if you use CentOS you could start with
this and
this.)
- Then see
this and
this.
- Then meditate on any per-service benchmarks Cisecurity provides for say MySQL, Apache etc, etc and
this (,
this) and
this.
- Follow that up by running an OpenVAS scan, preferably from one location that
is and one that
is not in any /etc/hosts.allow, firewall whitelist or other network ACL.
- Rinse and repeat when making software, configuration or user changes to the system.
Quote:
Originally Posted by hack3rcon
I guess LQ must prepare a good document about Linux basic security.
|
Put in some effort. You've been here long enough to know how searching LQ works. You could at least have found
this.