LinuxQuestions.org
01-16-2007, 08:26 PM   #1
MrXX
LQ Newbie
 
Registered: Jan 2007
Posts: 4

Rep: Reputation: 0
Hardening dedicated server


If you have a Debian Linux web/mail dedicated server (like Apache, Postfix and so on) already configured, what else would you do to further secure your machine? For example, cron scripts to check file/dir permissions, some IDS/IPS to detect strange behaviours, some scripts that can send email if something strange (like an intrusion or the server being down) is happening, some rootkit scanners... What would you do to secure your server?

Can you suggest some tricks?

Thanks
 
01-16-2007, 08:49 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Hello and welcome to LQ, hope you like it here.

Quote:
already configured, what else
The way you put your question it looks like you have already done some things to secure your server. Or was it handed over that way to you? If you did things yourself it would be good to list what you did so we don't duplicate or post unnecessary things. Then there's doing research. Debian has a rather good security manual. If you didn't read it you should. For more maybe check out the LQ FAQ: Security references. Then I'd use a checklist and use a scanner like Tiger to determine the general status of the server. Results vs checklist should show you where to start.
 
01-17-2007, 06:06 AM   #3
MrXX
LQ Newbie
 
Registered: Jan 2007
Posts: 4

Original Poster
Rep: Reputation: 0
Hi,

First of all, many thanks for your reply, really kind.

Well, I set up apache2 following this guide, http://www.securityfocus.com/infocus/1786, but without chroot. I think that if Apache already runs as a limited user (www-data) then it's not so harmful. At least an attacker has to escalate to root. But if he can escalate to root, then even with chroot it's not so secure: he can mount a device and then escape from the chroot.

I also have php4 (safe mode) and mysql. For postfix I followed this guide: http://www.onlamp.com/pub/a/bsd/2003/08/21/postfix.html

This is what I've done until now.

Many thanks in advance.
 
01-17-2007, 07:53 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
OK. With all due respect but you reacted to half my post and left this out:
Quote:
Then there's doing research. Debian has a rather good security manual. If you didn't read it you should. For more maybe check out the LQ FAQ: Security references. Then I'd use a checklist and use a scanner like Tiger to determine the general status of the server. Results vs checklist should show you where to start.
Any remarks on (acting on) that?
 
01-17-2007, 08:29 AM   #5
MrXX
LQ Newbie
 
Registered: Jan 2007
Posts: 4

Original Poster
Rep: Reputation: 0
Sorry, I was only replying to your first question.

No, I still have to read the links you gave me. Thanks
 
01-17-2007, 08:41 AM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Ah, OK. BTW, don't try and grok the whole Security references part in one go or you'll go mad as a hatter, chunk it, take your time and ask questions as you progress.
 
01-18-2007, 09:21 AM   #7
MrXX
LQ Newbie
 
Registered: Jan 2007
Posts: 4

Original Poster
Rep: Reputation: 0
Question:

If I install apache2, php, mysql with apt-get and then chroot all these packages, then if there's an apt-get upgrade, how can I update this software inside the chroot? Makejail?

Thanks
 
01-18-2007, 08:40 PM   #8
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
If "Makejail" contains functionality to copy the updated libs and binaries from the "host" system to the chroot, yes, why not?
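
The copy step discussed in posts #7 and #8, done by hand, as an added example that is not part of the thread and is not Makejail's own code: after an `apt-get upgrade` on the host, list the binaries and libraries in the jail that no longer match the host copy, then replace them. It assumes the jail was built by copying host files to the same relative paths; the function names and any jail path you pass in are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread, not Makejail code).
# Assumption: the jail mirrors host paths, e.g.
#   /usr/lib/libfoo.so  ->  $JAIL/usr/lib/libfoo.so

# stale_chroot_files JAIL [HOSTROOT]
# Print the relative path of every file under the jail's bin, sbin, lib,
# lib64 and usr trees whose host counterpart exists and differs in content.
# Jail-specific config (/etc and so on) is deliberately not compared.
stale_chroot_files() {
    jail=${1%/}
    host=${2:-}; host=${host%/}
    for d in bin sbin lib lib64 usr; do
        [ -d "$jail/$d" ] || continue
        find "$jail/$d" -xdev -type f
    done | sort | while IFS= read -r f; do
        rel=${f#"$jail"}
        # Files that exist only in the jail are left alone.
        [ -f "$host$rel" ] || continue
        cmp -s "$host$rel" "$f" || printf '%s\n' "$rel"
    done
}

# refresh_chroot JAIL [HOSTROOT]
# Replace each stale jail file with the current host version. The copy goes
# to a temporary name and is renamed into place, so a running process that
# has the old file mapped keeps its old inode instead of being corrupted.
refresh_chroot() {
    jail=${1%/}
    host=${2:-}; host=${host%/}
    stale_chroot_files "$jail" "$host" | while IFS= read -r rel; do
        cp -p "$host$rel" "$jail$rel.new" &&
            mv -f "$jail$rel.new" "$jail$rel" &&
            printf 'updated %s\n' "$rel"
    done
}

# Stand-alone use: sh thisscript JAIL [HOSTROOT] lists stale files only.
if [ "$#" -ge 1 ]; then
    stale_chroot_files "$@"
fi
```

Jailed services keep running the old code until they are restarted, so restart them after a refresh.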