Securing Server
Can anyone point me to a howto, well, not really a howto, just a list of things I should be doing or looking for when I am trying to secure a Linux box so that it is safe from attack?
If you want to point me to specifics, the box is RHE 3, but I only have ssh access; it is a remote box, so I don't get any of the GUI config options that are supposed to make RHE easy to secure with the built-in firewall :) Any help will be appreciated. Sites of our type have been getting hacked, and on the last one the main page that was put in place said we were next. I am not too worried, but you can never be too careful.
chkconfig --list
Go through and disable all the junk you don't need... there's probably 80% of stuff that can be turned off for good that they have on by default for some reason. From there it's just a matter of setting up iptables to disallow certain things, xwindow forwarding, some other junk.
Have you taken a look at the security references thread here? It's a good place to start for info on general security and server hardening.
Thanks a lot for the help
Oh, just a question: what should I turn off? Like, are there some things I should really look for or not? And how do I turn them off? If it's with chkconfig, just say so, I will read the man.
Here is my listing, if it will help you give me hints on what to take out:

microcode_ctl   0:off   1:off   2:on    3:on    4:on    5:on    6:off
kudzu           0:off   1:off   2:off   3:off   4:on    5:off   6:off
syslog          0:off   1:off   2:on    3:on    4:on    5:on    6:off
netfs           0:off   1:off   2:off   3:on    4:on    5:on    6:off
network         0:off   1:off   2:on    3:on    4:on    5:on    6:off
random          0:off   1:off   2:on    3:on    4:on    5:on    6:off
rawdevices      0:off   1:off   2:off   3:on    4:on    5:on    6:off
saslauthd       0:off   1:off   2:off   3:off   4:off   5:off   6:off
cpanel          0:off   1:off   2:off   3:on    4:on    5:on    6:off
mdmonitor       0:off   1:off   2:on    3:on    4:on    5:on    6:off
atd             0:off   1:off   2:off   3:on    4:on    5:on    6:off
irda            0:off   1:off   2:off   3:off   4:off   5:off   6:off
nscd            0:off   1:off   2:off   3:off   4:off   5:off   6:off
psacct          0:off   1:off   2:off   3:off   4:off   5:off   6:off
isdn            0:off   1:off   2:on    3:off   4:on    5:on    6:off
iptables        0:off   1:off   2:on    3:on    4:on    5:on    6:off
ip6tables       0:off   1:off   2:on    3:on    4:on    5:on    6:off
irqbalance      0:off   1:off   2:off   3:on    4:on    5:on    6:off
proftpd         0:off   1:off   2:on    3:on    4:off   5:on    6:off
smartd          0:off   1:off   2:off   3:off   4:off   5:off   6:off
autofs          0:off   1:off   2:off   3:on    4:on    5:on    6:off
netdump         0:off   1:off   2:off   3:off   4:off   5:off   6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
nfs             0:off   1:off   2:off   3:off   4:off   5:off   6:off
nfslock         0:off   1:off   2:off   3:off   4:off   5:off   6:off
snmptrapd       0:off   1:off   2:off   3:off   4:off   5:off   6:off
rhnsd           0:off   1:off   2:on    3:on    4:on    5:on    6:off
crond           0:off   1:off   2:on    3:on    4:on    5:on    6:off
xinetd          0:off   1:off   2:off   3:on    4:on    5:on    6:off
cups            0:off   1:off   2:off   3:off   4:off   5:off   6:off
snmpd           0:off   1:off   2:off   3:on    4:on    5:on    6:off
ntpd            0:off   1:off   2:off   3:off   4:off   5:off   6:off
xfs             0:off   1:off   2:on    3:on    4:on    5:on    6:off
dc_client       0:off   1:off   2:off   3:off   4:off   5:off   6:off
winbind         0:off   1:off   2:off   3:off   4:off   5:off   6:off
dc_server       0:off   1:off   2:off   3:off   4:off   5:off   6:off
aep1000         0:off   1:off   2:off   3:off   4:off   5:off   6:off
bcm5820         0:off   1:off   2:off   3:off   4:off   5:off   6:off
squid           0:off   1:off   2:off   3:off   4:off   5:off   6:off
named           0:off   1:off   2:off   3:off   4:off   5:off   6:off
tux             0:off   1:off   2:off   3:off   4:off   5:off   6:off
bandmin         0:off   1:off   2:on    3:on    4:on    5:on    6:off
rlx-runctl      0:off   1:off   2:on    3:on    4:on    5:on    6:off
rlx-agentd      0:off   1:off   2:off   3:on    4:on    5:on    6:off
mdmpd           0:off   1:off   2:on    3:on    4:on    5:on    6:off
chkservd        0:off   1:off   2:off   3:on    4:on    5:on    6:off
mysql           0:off   1:off   2:on    3:on    4:on    5:on    6:off
portsentry      0:off   1:off   2:off   3:on    4:on    5:on    6:off
ipaliases       0:off   1:off   2:on    3:on    4:on    5:on    6:off
filelimits      0:off   1:off   2:on    3:on    4:on    5:on    6:off
spamassassin    0:off   1:off   2:off   3:off   4:off   5:off   6:off
antirelayd      0:off   1:off   2:on    3:on    4:on    5:on    6:off
exim            0:off   1:off   2:on    3:on    4:on    5:on    6:off
xinetd based services:
        pop-3:          on
        ntalk:          on
        talk:           on
        telnet:         on
        bpcd:           on
        cpimap:         on
        vnetd:          on
        vopied:         on
        bpjava-msvc:    on
        krb5-telnet:    off
        imap:           off
        imaps:          off
        ipop2:          off
        ipop3:          off
        pop3s:          off
        eklogin:        off
        gssftp:         off
        klogin:         off
        kshell:         off
        rsync:          off
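Added example, not part of any post in this thread: a shell filter that reduces `chkconfig --list` output like the listing above to the names that are actually enabled at one runlevel, plus the xinetd sub-services that are on, so each one can be reviewed. The function names `enabled_services` and `sample_listing` are made up for this example, and the sample input is a constructed excerpt in the same layout.

```shell
#!/bin/sh
# Added example (not from the thread): list what chkconfig reports as enabled.
# Real use:  chkconfig --list | enabled_services 3

enabled_services() {
    # $1 = runlevel to audit; 3 (multi-user, no X) is assumed for a headless box
    awk -v rl="${1:-3}" '
        # Everything after this header is an xinetd sub-service, not a SysV script
        /xinetd based services:/ { in_xinetd = 1; next }

        # xinetd section: lines look like "telnet: on"
        in_xinetd && NF == 2 {
            name = $1
            sub(/:$/, "", name)
            if ($2 == "on") print "xinetd:" name
            next
        }

        # SysV section: "sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off"
        !in_xinetd && NF == 8 {
            for (i = 2; i <= NF; i++)
                if ($i == (rl ":on")) print $1
        }
    '
}

# Constructed sample: a few lines in the layout of the listing above
sample_listing() {
    cat <<'EOF'
kudzu           0:off   1:off   2:off   3:off   4:on    5:off   6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
nfs             0:off   1:off   2:off   3:off   4:off   5:off   6:off
xinetd          0:off   1:off   2:off   3:on    4:on    5:on    6:off
snmpd           0:off   1:off   2:off   3:on    4:on    5:on    6:off
xinetd based services:
        telnet:         on
        talk:           on
        rsync:          off
EOF
}

# Stand-alone run: show what the sample has enabled at runlevel 3
sample_listing | enabled_services 3
```

A name this prints that the box does not need can be turned off with `chkconfig <name> off`; for a SysV service that only changes what starts at boot, so an already running one also needs `service <name> stop`.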