LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 11-23-2002, 07:11 PM   #1
miso
LQ Newbie
 
Registered: Nov 2002
Posts: 1

Rep: Reputation: 0
Security CheckList


I am teaching myself Linux server Administration, and was hoping I good get some valuable advice. I just got my first server, RH 7.2 loaded on it.

I want to know if anyone can offer advice on securing it.

Can you offer a checklist. What should I do first, etc.

I work really hard to learn this on my own since I can't afford to go to school. I don't want to have my hard work ruined by some jerk who just want to hack my server.

Please...any help and advice would be so much appreciated!!!!

All the best my friends.

Miso
 
Old 11-23-2002, 07:28 PM   #2
Bert
Senior Member
 
Registered: Jul 2001
Location: 406292E 290755N
Distribution: GNU/Linux Slackware 8.1, Redhat 8.0, LFS 4.0
Posts: 1,004

Rep: Reputation: 46
Remove redhat 7.2 and update it first. It was an awful distro. Get 7.3 and update all the rpms via up2date or get 8.0 and do the same.
Security is an ongoing issue - it's not a case of bolting it down and calling it secure.

But you know that already.

Bert
 
Old 11-23-2002, 07:33 PM   #3
markus1982
Senior Member
 
Registered: Aug 2002
Location: Stuttgart (Germany)
Distribution: Debian/GNU Linux
Posts: 1,467

Rep: Reputation: 46
First of all you need to cut down the services installed to thost you just need that's the first step. This step can be done at install time already (most of it at least).

As the first start you might want to check out the UNIX Security Checklist v2.0
 
Old 11-25-2002, 03:22 PM   #4
rosko
Member
 
Registered: Sep 2002
Distribution: RH8
Posts: 93

Rep: Reputation: 15
Outta the box, or off the cd, RH8 is pretty secure. You can choose to install everything such as HTTP/FTP/Telnet etc, and by default if you choose high or medium for your firewall there isn't much of a chance of outside user access. This is of course assuming you have used up2date and completely patched the system. You have to manually enable stuff like telnet, ftp, SSH. Like said above, if you keep up with the up2date updates, you should be ok as long as you follow the simple guidlines giving in each text readme for ftp/telnet etc.

good luck
 
Old 11-25-2002, 04:23 PM   #5
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594
Welcome to LQ, miso.
Next to the excellent previous advice I'll bombard you with the usual LQ reference list:

*Ive compiled my list of references a while ago, so theres lotsa stuff inhere you might not be interested in at this point, maybe later on, HTH:

Basic references:
- AUSCERT UNIX Computer Security Checklist (Version 1.1) www.cert.org/tech_tips/AUSCERT_checklist1.1
- Steps for Recovering from a UNIX or NT System Compromise www.cert.org/tech_tips/root_compromise.html
In fact read the whole of http://www.cert.org/tech_tips/
- The CIT Computer Security Handbook: www.cit.nih.gov/security/handbook.html
- Aging stuff from Phrack, good to read back to be sure, like "Unix System Security Issues" www.fc.net/phrack/files/p18/p18-7.html
- SEI stuff like www.sei.cmu.edu/publications/lists.html handling IDS
- Intrusion Detection and Network Auditing on the Internet www.infosyssec.net/infosyssec/intdet1.htm

Top it off with some reading material on security:
- Security tips: www.cert.org/tech_tips/ and www.cert.org/security-improvement/, http://www.securityportal.com/resear...xsecurity.html
- Top ten vulnerabilities: www.sans.org/topten.htm and http://www.cert.org/present/cert-ove...ends/index.htm
- Firewalling: www.infosyssec.net/infosyssec/firew1.htm, www.linux-firewall-tools.com/linux/
- Securing Xwindows: http://www.uwsg.indiana.edu/usail/ex...d/xsecure.html

Basic Linux references:
http://www.sans.org/infosecFAQ/linux/linux_list.htm
- The SANS Reading room: Linux issues (used Google's cache),
- the LASG or Linux Administrator's Security Guide,
- Securing Optimizing Linux RH Edition(1),
- Linux Security HOWTO,
*Linuxsecurity.com have a Quickreference pdf card.
Post-Installation Security Procedures (Linuxjournal)
- Security Quick-Start HOWTO for Linux,
- The Linux-PAM System Administrators' Guide
- Armoring Linux,
- A Short Course on Systems Administration and Security Under Unix(1)
- SAG: The Linux System Administrator's Guide,
- Basics on firewalling: www.linuxdoc.org/HOWTO/Firewall-HOWTO.html
- Basic introduction to building ipchains rules: www.linuxdoc.org/HOWTO/IPCHAINS-HOWTO.html
- Explanation of the Ipchains logformat: logi.cc/linux/ipchains-log-format.php3
- Ipchains log decoder: dsl081-056-052.dsl-isp.net/dmn/decoder/decode.php
- The Iptables HOW-TO: http://people.unix-fu.org/andreasson/index.html
- LQ notes on Linksys security: http://www.linuxquestions.org/questi...007#post157007
- The Unix Auditor's Practical Handbook: http://www.nii.co.in/tuaph.html,
Neohapsis archives: http://www.neohapsis.com
Linux Gazette: http://www.linuxgazette.com
Experts exchange: http://www.experts-exchange.com
Linuxsecurity.com, SecurityFocus.com
Matt's Unix Security Page: http://www.deter.com/unix/
E-secure-db Security Information database: http://www.e-secure-db.us/dscgi/ds.p...ollection-1586

* Also please note a lot of questions are already answered. using LQ's search function may help you find answers faster.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
security checklist ddaas Linux - Security 8 06-17-2005 05:36 AM
slack server checklist babyphil Slackware - Installation 8 06-14-2005 12:39 PM
Security checklist Dogit Linux - Security 6 02-25-2005 02:38 PM
vpn checklist sanw2k Linux - Networking 1 10-20-2003 03:28 AM
system checklist LLS Linux - Security 1 09-29-2003 12:32 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 04:05 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration