LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   New to Linux - How worried should I be? (https://www.linuxquestions.org/questions/linux-security-4/new-to-linux-how-worried-should-i-be-68971/)

Harimwakairi 06-30-2003 01:15 AM
New to Linux - How worried should I be?
 
I finished a new install of Redhat 9.0 on my spare computer. I'm going to be using it as an email and web server for my little personal domain. I have it on my cable modem behind a Linksys router. The ports I've got open and forwarded to the Linux box are ftp, http, smtp, and ssh. Everything else is closed off. I've got Redhat's little updater going, and I'm current with everything they have.

At this point, do I need to worry about security all that much? Can I rely on Redhat's up2date to keep me exploit free, keep just those four ports open and be good to go? Or do I need to get a security book and subscribe to bugtraq before some thirteen-year-old 0wns me? :)

sepski 06-30-2003 02:05 AM
keeping current with updates are very important.

but a bugfree system won't help if you have weak passwords.
so keep strong passwords on all users of the system, and very strong password for root.

http://www.gnu.org/directory/Securit...on/pwdgen.html
this is a nice tool for making passwords.

or you can just drop you'r cat on the keyboard. :)

Harimwakairi 06-30-2003 09:10 PM
Thanks for the info. I was thinking of getting a cat anyway... :)

unSpawn 07-02-2003 06:31 AM
Choosing "good" passwds and updating is ok, but it's not everything.
Please start at the LQ FAQ: Security references, post #1 under "Checklists".

Noryungi 07-02-2003 06:48 AM
Unless you really badly need to have a server on this machine, I would recommend closing down everything except SSH.

ftp is a BAD idea, in any case, since most ftp daemons are easy targets for crackers.

Relying on Red Hat for security is a bad idea, since they are the most common ditro -- and, therefore, the most hacked. Try enabling the VPN functions on your Linksys to restrict login to the server to a bunch of pre-programmed (external) IP addresses.

There is a good tutorial on SSH and how it can replace most everything at the following address:

http://www.linuxjournal.com/article....thread&order=0

And do get a good security book before you get hacked. Please.

je_fro 07-22-2003 04:13 PM
Forget redhat default security
 
Learn iptables and secure your box.

http://www.thing.dyndns.org/debian/iptables.htm

http://www.ibiblio.org/pub/Linux/doc...ade-HOWTO.html

http://iptables.linux.dk/


All times are GMT -5. The time now is 08:12 PM.