SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
First of all any action (and that includes wiping disks and re-installing the OS or any SW) without determining the cause first is inefficient and may well expose loopholes (if any) again. (That doesn't mean you shouldn't move to mitigate if a breach of security is suspected!)
I am glad that I recommended that the OP make sure that he is rooted before doing a wipe. Determining the root cause of an anomaly makes sense to prevent the event from reoccurring(thanks for that!). For a lot of us who are not professional system administrators (like me) determining the root cause of an anomaly will be a daunting task. I do try to prevent mishaps by patching my systems and having software and hardware firewalls in place.
As the maintainer of rkhunter and a security professional do you have any further(beyond what you mentioned) tips on how to harden a system?
Thanks in advance for any and all suggestions, links, and advice unSpawn. I am genuinely curious.
Proper system hardening involves many steps, but they're mostly common sense security tactics. Here's some I know of...
1. Implement a Host Intrusion Detection System like Samhain to notify you of attacks.
2. Set up a proper Stateful Packet Inspection and Filtering Firewall and tune it for specific ports and applications.
3. Set up a Secondary login account for Root and use strong passwords at least 14+ characters in length. Try to limit SSH and Telnet to non-root accounts if possible.
4. Use sudo or Superuser to access root through a user account with proper permissions.
5. Set up a proper Rootkit, Malware, and Virus scanner and keep it updated. Scan regularly and keep track of the scans.
6. Keep track of security alerts with packages and update as needed.
7. Lock down root. Prevent root logins from your Display Manager. KDM has a built in system for this.
8. Segregate /home to it's own partition if necessary and use a seperate /boot partition excluded from being auto mounted with fstab.
9. Backup your data files regularly.
10. Use script and ad blockers in web browsers, limit Flash and Java usage to user accounts. If necessary, don't install either.
There are dozens of other tips as well, but these are just common sense. In fact Common Sense is your best ally when securing your system. Use it regularly and wisely.
Why did you think I said going into hardening would deviate from the topic of that thread? Now I'm forced to prune off-topic posts to prevent further pollution of that thread.
Sorry unSpawn. Marking this thread as solved. I would very much welcome your perspective in the Slackware hardening thread I recently started. If that interferes with your moderating duties I understand.
Happy New year.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
