Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
01-16-2007, 08:26 PM
|
#1
|
LQ Newbie
Registered: Jan 2007
Posts: 4
Rep:
|
Hardening dedicated server
If you have a Debian Linux web/mail dedicated server (like apache, postfix and so on) already configured, what else would you do to further secure your machine? For example cron scripts to check file dir permissions, some IDS/IPS to detect strange behaviours, some scripts that can send email if something strange (like an intrusion or the server being down) is happening, some rootkit scanners... What would you do to secure your server?
Can you suggest some tricks?
Thanks
|
|
|
01-16-2007, 08:49 PM
|
#2
|
Moderator
Registered: May 2001
Posts: 29,415
|
Hello and welcome to LQ, hope you like it here.
Quote:
already configured, what else
The way you put your question it looks like you have already done some things to secure your server. Or was it handed over that way to you? If you did things yourself it would be good to list what you did so we don't duplicate or post unnecessary things. Then there's doing research. Debian has a rather good security manual. If you didn't read it you should. For more maybe check out the LQ FAQ: Security references. Then I'd use a checklist and use a scanner like Tiger to determine the general status of the server. Results vs checklist should show you where to start.
|
|
|
01-17-2007, 06:06 AM
|
#3
|
LQ Newbie
Registered: Jan 2007
Posts: 4
Original Poster
Rep:
|
Hi,
First of all, many thanks for your reply, really kind.
Well, I set up apache2 following this guide http://www.securityfocus.com/infocus/1786
but without chroot. I think that if apache already runs as a limited user (www-data) then it's not so harmful. At least an attacker has to escalate to root. But if he can escalate to root, even with chroot then it's not so secure, he can mount a device and then escape from the chroot.
I also have php4 (safe mode) and mysql. For postfix I followed this guide: http://www.onlamp.com/pub/a/bsd/2003/08/21/postfix.html
This is what I've done so far.
Many thanks in advance
|
|
|
01-17-2007, 07:53 AM
|
#4
|
Moderator
Registered: May 2001
Posts: 29,415
|
OK. With all due respect but you reacted to half my post and left this out:
Quote:
Then there's doing research. Debian has a rather good security manual. If you didn't read it you should. For more maybe check out the LQ FAQ: Security references. Then I'd use a checklist and use a scanner like Tiger to determine the general status of the server. Results vs checklist should show you where to start.
|
Any remarks on (acting on) that?
|
|
|
01-17-2007, 08:29 AM
|
#5
|
LQ Newbie
Registered: Jan 2007
Posts: 4
Original Poster
Rep:
|
Sorry, I was only replying to your first question.
No, I've still to read the links you gave me. Thanks
|
|
|
01-17-2007, 08:41 AM
|
#6
|
Moderator
Registered: May 2001
Posts: 29,415
|
Ah, OK. BTW, don't try and grok the whole Security references part in one go or you'll go mad as a hatter, chunk it, take your time and ask questions as you progress.
|
|
|
01-18-2007, 09:21 AM
|
#7
|
LQ Newbie
Registered: Jan 2007
Posts: 4
Original Poster
Rep:
|
Question:
If I install apache2, php, mysql with apt-get and then chroot all these packages, then if there's an apt-get upgrade, how can I update this software inside the chroot? Makejail?
Thanks
|
|
|
01-18-2007, 08:40 PM
|
#8
|
Moderator
Registered: May 2001
Posts: 29,415
|
If "Makejail" contains functionality to copy the updated libs and binaries from the "host" system to the chroot, yes, why not?
|
|
|
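One way to do what post #8 describes, as an added example that is not part of the thread and not Makejail's own code: after an upgrade on the host, compare the jail's binaries and libraries with the host's and copy over the ones that changed. The function names, the directory list and the two root-path arguments are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread and not Makejail's code. Function names,
# the directory list and the two root arguments are assumptions.

# Only code directories are compared. The jail's /etc, /var and data differ
# from the host's on purpose (e.g. a cut-down passwd) and are never touched.
JAIL_CODE_DIRS="bin sbin lib usr/bin usr/sbin usr/lib"

# jail_audit HOST_ROOT JAIL_ROOT
# Prints one line per problem file, path relative to the jail root:
#   stale  <path>   host copy exists but differs (upgraded on the host)
#   orphan <path>   no host copy (renamed or removed by the upgrade)
jail_audit() {
    host_root=$1
    jail_root=$2
    for dir in $JAIL_CODE_DIRS; do
        [ -d "$jail_root/$dir" ] || continue
        (cd "$jail_root" && find "$dir" -type f)
    done | sort | while IFS= read -r rel; do
        if [ ! -f "$host_root/$rel" ]; then
            printf 'orphan %s\n' "$rel"
        elif ! cmp -s "$host_root/$rel" "$jail_root/$rel"; then
            printf 'stale %s\n' "$rel"
        fi
    done
}

# jail_refresh HOST_ROOT JAIL_ROOT
# Replaces each stale file with the host copy. The copy is written beside the
# target and renamed over it, so a running daemon never sees a partial file.
# Orphans are only reported on stderr. Returns non-zero if any copy failed.
jail_refresh() {
    host_root=$1
    jail_root=$2
    jail_audit "$host_root" "$jail_root" | (
        rc=0
        while read -r status rel; do
            [ "$status" = stale ] || { echo "review by hand: $rel" >&2; continue; }
            cp -p "$host_root/$rel" "$jail_root/$rel.new" &&
                mv -f "$jail_root/$rel.new" "$jail_root/$rel" || rc=1
        done
        exit "$rc"
    )
}

# Command-line use: script HOST_ROOT JAIL_ROOT prints the audit only.
if [ "$#" -eq 2 ]; then
    jail_audit "$1" "$2"
fi
```

Restart the chrooted daemons after a refresh: processes started earlier keep the old binaries and libraries mapped until they exit.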
All times are GMT -5. The time now is 02:45 AM.