Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
What software do I need to make my Gentoo computer as secure as possible?
Is Snort enough? I heard that Snort was an Intruder Detection System, but not a firewall. Is that true?
My computer has 1 network card, plenty of space and RAM, no routers or other types of hardware security.
I am seeking the ultimate security guideline for Linux computers.
Try Shorewall. It will configure your ip filters that are built into the kernel (since 2.4). It is fairly easy to work with, especially if you use the webmin system configuration utilities.
Along with a good firewall, I'd definitely recommend using a file-alteration scanner like tripwire, samhain, or aide. You should also use a good rootkit scanner like chkrootkit or rkhunter. I consider those to be absolute necessities on every new install. You should also include a general hardening procedure on every new install, including turning off un-needed services and installing security patches.
Beyond that, there is a wide number of security measures you can take, really depending on your particular requirements and how you define "as secure as possible". For example you can do things like kernel hardening, add buffer overflow protection, tighten access controls, chroot services, remove dynamic module loading (lkm support), etc. A good place to start is by taking a look at unSpawn's Security References thread near the top of the forum and do some reading.
Last edited by Capt_Caveman; 11-25-2005 at 01:33 PM.
In security, the human factor is always the weak link. That means... you, the system owner/administrator.
The technologies that are available in the non-classified, consumer segment are more than adequate for the purposes for which they were intended ... if they are properly managed and used! (And the same goes for military systems, as well. A recent audit of the National Security Agency itself found more than 200,000 potential problems!) Yes... the weak link, and the most probable point of attack, is you and your employees.
Take the time to notice exactly what daemons are running on the system, and why. What user-ids exist and which can actually log in. Which services are available for xinetd to start up. Take the time to use passwords that aren't in a dictionary. If you are not using mail, or news, or NFS, or what-have-you, turn them off! If you use ssh, use digital certificates.
Most of the time we're dealing with automated cat-burglars ... opportunists. They are used to finding neighborhoods where every door is unlocked and every window is open and nobody's home. So, if they twist on a doorknob and it doesn't turn, why bother with this one? "Next!" It's just like the old saw that "the most important part of a home security system is the sign in your yard." If you do even the slightest thing to lock your doors and windows, then you are no longer "easy pickings" and it's apparent that you might be watching. Unless the intruder knows you and you really have something that he would want (which is unlikely), you're likely to be ignored.
Last edited by sundialsvcs; 11-27-2005 at 09:59 AM.
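The account and xinetd checks suggested in the post above, as an added example that is not part of the original thread: it lists which accounts have a usable login shell (with their password state) and which xinetd services are not switched off. The function names and the sample files are constructed for illustration, and it assumes a service block without `disable = yes` is one xinetd will start.

```shell
# Accounts in passwd file $1 whose shell permits login, with password state from
# shadow file $2. A "locked" account may still be reachable with an SSH key.
login_accounts() {
    awk -F: '
        NR == FNR { pw[$1] = $2; next }          # first file read: shadow
        $7 ~ /(nologin|false)$/ { next }         # shell refuses logins
        {
            if (!($1 in pw))            s = "no-shadow-entry"
            else if (pw[$1] == "")      s = "EMPTY-PASSWORD"
            else if (pw[$1] ~ /^[!*]/)  s = "locked"
            else                        s = "password"
            printf "%s uid=%s shell=%s %s\n", $1, $3, ($7 == "" ? "/bin/sh" : $7), s
        }' "$2" "$1"
}

# xinetd services under directory $1 that lack "disable = yes" (assumed enabled).
xinetd_enabled() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        awk '
            $1 == "service"                      { name = $2; off = 0 }
            /^[ \t]*disable[ \t]*=[ \t]*yes/     { off = 1 }
            $1 == "}" && name != ""              { if (!off) print name; name = "" }
        ' "$f"
    done
}

# Constructed sample data (not from a real host), written to a scratch directory.
make_sample() {
    d=$(mktemp -d) && mkdir "$d/xinetd.d" || return 1
    cat > "$d/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
backup:x:1001:1001::/var/backup:/bin/sh
guest:x:1002:1002::/home/guest:
EOF
    cat > "$d/shadow" <<'EOF'
root:$6$constructed$hash:13000:0:99999:7:::
daemon:*:13000:0:99999:7:::
backup:!:13000:0:99999:7:::
guest::13000:0:99999:7:::
EOF
    printf 'service telnet\n{\n\tdisable = no\n}\n' > "$d/xinetd.d/telnet"
    printf 'service rsync\n{\n\tdisable = yes\n}\n' > "$d/xinetd.d/rsync"
    printf 'service tftp\n{\n\tserver = /usr/sbin/in.tftpd\n}\n' > "$d/xinetd.d/tftp"
    echo "$d"
}

d=$(make_sample) && login_accounts "$d/passwd" "$d/shadow" && xinetd_enabled "$d/xinetd.d"; rm -rf "$d"
```

On a real host, run `login_accounts /etc/passwd /etc/shadow` as root and `xinetd_enabled /etc/xinetd.d`, then account for every line of output or turn it off.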