04-16-2011, 10:11 AM
|
#1
|
LQ Newbie
Registered: May 2006
Location: Folkestone
Distribution: SLES
Posts: 19
|
How do I know if my Linux box is secure?
With the fantastic help that I received from members so far and stuff that I have learnt on the way - I now have a windows box connected to the internet via the server.
Question is - how do I know if the linux box is secure?
Are there any things that I have to config now - I am slowly moving on to configuring the dns and dhcp server - but is there anything else I should have done?
|
|
|
04-16-2011, 10:21 AM
|
#2
|
Senior Member
Registered: Dec 2005
Location: Massachusetts, USA
Distribution: Ubuntu 10.04 and CentOS 5.5
Posts: 3,873
|
Computer security, even on Linux, is a huge subject. There are many tutorials on the Internet on this subject. Also, security is derived in part from your mindset when you use computers. In my case, whenever I do anything I always try to imagine if I am about to provide an opportunity for a clever person to do me harm. You should analyze every part of your computer's configuration with that thought in mind.
Some people base their careers on enhancing security. We cannot provide a comprehensive list of actions that will guarantee to result in a completely secure computer. There is only one approach to guarantee security. Turn the computer off, disconnect it from the network, and keep it in a bank vault.
Last edited by stress_junkie; 04-16-2011 at 10:28 AM.
|
|
|
04-16-2011, 10:33 AM
|
#3
|
LQ Newbie
Registered: May 2006
Location: Folkestone
Distribution: SLES
Posts: 19
Original Poster
|
How do I know if my linux box is secure?
Oh no, I am not wanting that - it's just the fact that... 2 months ago communications between myself and a client who I classed as a friend, who I was designing a website for, disintegrated due to business differences. He thought it was wise and clever to try and retrieve from my windows box what I had been working on by employing a hacker. He failed, fortunately.
With my years of computer experience that only very slightly brushed unix and linux, I was fully aware that linux as a server would be the ideal way to keep most people out and would keep me relatively safe. So I set about purchasing a simple system capable of running a linux server distro, fitting it out with multiple nics and setting it up.
2 months later, here we are having purchased the Mike Petersen "Deploying SLES" book and the fantastic help of forums like these, google and friends at Maplin - I finally have my windows box back on the internet.
As I have very little experience and knowledge of linux and sles, I would like to know what I may have missed, what can I do to rectify it, and what else can I use the server for and how to do it?
Last edited by futsysmids; 04-16-2011 at 10:45 AM.
|
|
|
04-16-2011, 10:50 AM
|
#4
|
Senior Member
Registered: Dec 2005
Location: Massachusetts, USA
Distribution: Ubuntu 10.04 and CentOS 5.5
Posts: 3,873
|
Quote:
Originally Posted by futsysmids
... and would keep me relatively safe.
|
Linux and UNIX default installations are generally safer than a default Windows installation.
Quote:
Originally Posted by futsysmids
As I have very little experience and knowledge of linux and sles, I would like to know what I may have missed, what can I do to rectify it, and what else can I use the server for and how to do it?
|
I look at it this way. Every function on the computer is a doorway for attacks.
If you have a web server running on the computer then you have to study the ways to enhance the web server's security.
If you have an ftp server running on the machine then you have to study the ways to enhance the ftp server's security.
If you have remote log in available on the computer then you have to study ways to enhance the security of the remote log in.
Every function on the computer has potential security problems. Each has to be studied and addressed separately.
Last edited by stress_junkie; 04-16-2011 at 11:01 AM.
|
|
|
04-16-2011, 11:28 AM
|
#5
|
LQ Newbie
Registered: Sep 2010
Posts: 5
|
Do yourself a favor and get a DD-WRT, OpenWRT or Tomato firmware-enabled hardware firewall/router between your Local Area Network (LAN) and your provider's modem. Cost for hardware: $60 - $200. Firmware: both DD-WRT and OpenWRT are open source. Tomato you purchase and they install it for you.
Added bonus: IPv6 enabled (has been for years) and real time bandwidth logging so you know what your provider is giving you both downstream and upstream (more important) 24X7.
Good luck, the more you learn and do, the more secure your network will be!
|
|
|
04-16-2011, 11:29 AM
|
#6
|
LQ Newbie
Registered: May 2006
Location: Folkestone
Distribution: SLES
Posts: 19
Original Poster
|
How do I know if my linux box is secure?
Hi,
I understand that part.
There is no remote login allowed. The server is connected to the windows box via a crossover rj45 and to view the server distro is via a dvi to hdmi cable (my monitor has dvi and hdmi connections so I can switch between the linux distro and windows).
I think the next thing to do for me is to sit down with the Mike Petersen book I have and read it cover to cover. lol.
Quote:
Originally Posted by stress_junkie
Linux and UNIX default installations are generally safer than a default Windows installation.
I look at it this way. Every function on the computer is a doorway for attacks.
If you have a web server running on the computer then you have to study the ways to enhance the web server's security.
If you have an ftp server running on the machine then you have to study the ways to enhance the ftp server's security.
If you have remote log in available on the computer then you have to study ways to enhance the security of the remote log in.
Every function on the computer has potential security problems. Each has to be studied and addressed separately.
|
|
|
|
04-16-2011, 11:38 AM
|
#7
|
Senior Member
Registered: Dec 2005
Location: Massachusetts, USA
Distribution: Ubuntu 10.04 and CentOS 5.5
Posts: 3,873
|
If your computer is directly connected to the modem to your ISP then cbemerine's advice is very good. Any NAT router adds some protection. A firewall/NAT router is even better. Then you can forward specific ports for specific services to your server.
Your idea to use a good security book is also an excellent idea.
Yes you can have all of those services on one machine.
|
|
|
04-16-2011, 12:21 PM
|
#8
|
LQ Guru
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733
|
The first thing I do after installing openSuSE is to create a group for my regular user, and make that my primary group. I don't know if SLES does the same thing. Second, I configure ssh for public key authentication and lock it down so only an authorized user is allowed to try to log in.
There are a few books on locking down Linux servers. One thing to do is removing packages and services you don't need. A server will have less installed than a workstation computer.
SuSE has a security document. Be sure to read it. Pay attention to the sections on Auditing, AppArmor and SuSE's seccheck packages. SuSE and Red Hat are the two distros supported by IBM, and they probably have a number of security-related documents as well.
Consider logging and backups as well.
Configuring a website and email server are subjects on their own, and may present the largest vulnerability. Having a firewall on a web server is a good idea, but relying on it for your main firewall may not be. The site itself is probably what gets cracked first.
Last edited by jschiwal; 04-16-2011 at 12:23 PM.
|
|
|
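The SSH lock-down described in post #8 (public key authentication, only an authorized user allowed to try to log in) can be checked against an `sshd_config` file. The script below is an added example, not part of the original thread; the function names and the two sample configs are constructed for illustration, and only the global section of the file is read.

```shell
#!/bin/sh
# Added example: audit the global section of an sshd_config file.

# Print the value sshd would use for a keyword: the FIRST occurrence wins,
# keywords are case-insensitive, and parsing stops at the first Match block.
sshd_value() {
    awk -v key="$2" '
        /^[ \t]*#/             { next }
        tolower($1) == "match" { exit }
        tolower($1) == tolower(key) {
            $1 = ""; sub(/^[ \t]+/, ""); print tolower($0); exit
        }
    ' "$1"
}

# Print one line per finding; the exit status is the number of findings.
audit_sshd_config() {
    file=$1
    findings=0
    flag() { echo "FINDING: $1"; findings=$((findings + 1)); }

    pw=$(sshd_value "$file" PasswordAuthentication)
    kbd=$(sshd_value "$file" KbdInteractiveAuthentication)
    # Older OpenSSH releases spell the same option ChallengeResponseAuthentication.
    [ -n "$kbd" ] || kbd=$(sshd_value "$file" ChallengeResponseAuthentication)
    pk=$(sshd_value "$file" PubkeyAuthentication)
    allow=$(sshd_value "$file" AllowUsers)$(sshd_value "$file" AllowGroups)

    [ "$pw" = no ]  || flag "PasswordAuthentication is '${pw:-unset (default yes)}'"
    [ "$kbd" = no ] || flag "keyboard-interactive is '${kbd:-unset (default yes)}'; with PAM it can still ask for a password"
    [ "$pk" != no ] || flag "PubkeyAuthentication is disabled"
    [ -n "$allow" ] || flag "no AllowUsers/AllowGroups line, so every account may attempt a login"
    return "$findings"
}

# Constructed sample configs (not taken from the thread).
weak_config() { printf '%s\n' 'Port 22' '#PasswordAuthentication no' 'UsePAM yes'; }
locked_config() {
    # The trailing "PasswordAuthentication yes" is ignored: first occurrence wins.
    printf '%s\n' 'passwordauthentication no' 'KbdInteractiveAuthentication no' \
        'PubkeyAuthentication yes' 'AllowUsers alice' 'PasswordAuthentication yes'
}

tmp=$(mktemp)
weak_config > "$tmp";   audit_sshd_config "$tmp" || echo "weak sample: $? finding(s)"
locked_config > "$tmp"; audit_sshd_config "$tmp" && echo "locked sample: no findings"
rm -f "$tmp"
```

On a live server, `sshd -T` prints the effective settings including compiled-in defaults, which this file-based check only approximates.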