Slackware This Forum is for the discussion of Slackware Linux.


Old 09-22-2010, 01:22 AM   #1
LQ Newbie
Registered: Sep 2010
Location: Cairo
Distribution: Ubuntu 10.04LTS
Posts: 6

Rep: Reputation: 0
Looking for some security advice!

Hey slackers, fellow subgenius here.

Anyways, I'll tell this short story why this post is here, then the detail of my question. Bear with my mild rant.

Used slack back in 04-05 etc. And loved its ways. I felt like I was in control on a deeper level; however, (I'm not here to bash a different distro, but now that Ubuntu has become what it is, I honestly feel it's made me stupid in regards to the core of Linux control)

04-10 releases changed, and the OS kept getting a 'new' look. It just had the same name, and frankly, I've had enough of it. I kept that as short as possible from years of exposure to Ubuntu.. So...

I'm coming back to be a slackmaster and I'm sure Ivan Stang would be proud.

My initial question:

I am interested in some good OS lock down tips/urls, etc that can help me get back on my feet to a secure slack. I miss the days of my Bob Dobbs Screensaver, and I honestly feel like a nub again thanks to the other distro I mentioned.

Thanks again.

~A subgenius
Old 09-22-2010, 02:19 AM   #2
Senior Member
Registered: Dec 2005
Location: Springfield, MO
Distribution: Slackware64-14.2
Posts: 1,441

Rep: Reputation: 311
You can use Alien Bob's Slackware firewall generator to make a firewall. It's really simple. After you have the firewall generated, you save it as "rc.firewall" in "/etc/rc.d" and make it executable using "chmod +x rc.firewall", and it will automatically be launched at bootup.

And always follow security update packages from the official changelogs.
Old 09-22-2010, 02:33 AM   #3
LQ 5k Club
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,528

Rep: Reputation: 899
Some links

Kind regards
Old 09-22-2010, 11:08 AM   #4
Registered: Jun 2008
Posts: 331

Rep: Reputation: 31
I would like to add the following tutorial by Jeffrey Denton (I believe).

It is a bit dense - and slightly out of date in places. But I found lots of useful little bits for tightening things up.
Old 09-22-2010, 12:19 PM   #5
Registered: May 2001
Posts: 29,359
Blog Entries: 55

Rep: Reputation: 3546
Originally Posted by xj25vm
and slightly out of date in places.
Since one line reads "Linux 2.4.32 Last login: Wed Jun 27 20:23:42 -0700 2001 on tty2", yeah, I'd say it's showing its age. I found it has
- no mention of 'sulogin' in /etc/inittab for runlevel S,
- change mode on cronjobs but no mention of /etc/cron.allow white-listing,
- /etc/rc.d/rc.local: would be easier to populate /etc/ethers with IP-MAC pairs then 'arp -f /etc/ethers' or something,
- /var/spool/cron/crontabs/root "Cron should mail the results to root.": root should be an alias in /etc/aliases to an unprivileged account a human reads. (Also see adding user accounts in /etc/mail/aliases instead of a single "root: jdenton" at the end),
- touch /etc/at.allow: "Don't allow anyone to use at.": no (security) reasons I know of why to deny select users to use 'at',
- /usr/sbin/httpd: if you use SSL then ensure you deny null and "weak" ciphers (and using a WAF like mod_security wouldn't be bad),
- /etc/login.defs: after you chown'd and chattr'd the hell out of the system, using "NO_PASSWORD_CONSOLE" is a nice way to weaken system security (FFS),
- "ifconfig eth0 mtu 68" (WTF?),
- it doesn't touch HIDS (Samhain, Aide, Integrit, whatever else) nor NIDS (Snort, Prelude, OSSEC), and
- its iptables rule set is almost nonexistent.

While it is not the most terse documentation around, and certainly not adapted to your distribution of choice, I think you could start with worse documents than the "Securing Debian" manual as a checklist. Also it would be beneficial to take a baseline snapshot of a pristine installed OS and then run GNU/Tiger on it for local checks and say OpenVAS for remote ones (or whatever equivalent tool). This way you can test and compare qualitative changes in security posture which beats just following some recipe without testing results.
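A read-only check for several settings raised in posts #2 and #5, as an added example that is not part of the thread. The function names are hypothetical; the file paths are the ones the posters name.

```shell
#!/bin/sh
# Added example (not from the thread): audit a filesystem root for the
# settings the posts above mention. audit_root and flag are hypothetical names.
# Prints one line per finding; the return status is the number of findings.
# Usage after sourcing this file:  audit_root /   (or a mounted image's root)

findings=0
flag() { echo "FINDING: $1"; findings=$((findings + 1)); }

audit_root() {
    root=${1%/}          # "/" becomes "", so the paths below stay absolute
    findings=0

    # rc.firewall is only launched at boot when it is executable (post #2).
    [ -x "$root/etc/rc.d/rc.firewall" ] ||
        flag "/etc/rc.d/rc.firewall missing or not executable"

    # inittab fields are id:runlevels:action:process; look for sulogin on S.
    grep -Eq '^[^#:]*:[^:]*S[^:]*:[^:]*:.*sulogin' "$root/etc/inittab" 2>/dev/null ||
        flag "/etc/inittab: no sulogin entry for runlevel S"

    # cron white-list named in post #5.
    [ -f "$root/etc/cron.allow" ] ||
        flag "/etc/cron.allow: no white-list present"

    # root's mail should be aliased to an account a human reads.
    alias_ok=0
    for f in "$root/etc/aliases" "$root/etc/mail/aliases"; do
        if grep -Eq '^root:[[:space:]]*[^[:space:]#]' "$f" 2>/dev/null; then
            alias_ok=1
        fi
    done
    [ "$alias_ok" -eq 1 ] ||
        flag "no root alias in /etc/aliases or /etc/mail/aliases"

    # An uncommented NO_PASSWORD_CONSOLE is what post #5 calls out as
    # weakening system security.
    if grep -Eq '^[[:space:]]*NO_PASSWORD_CONSOLE' "$root/etc/login.defs" 2>/dev/null; then
        flag "/etc/login.defs: NO_PASSWORD_CONSOLE is set"
    fi

    return "$findings"
}
```

Running it once on the pristine install and again after each change gives the before/after comparison post #5 recommends.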
Old 09-22-2010, 02:22 PM   #6
Registered: Jan 2005
Location: Midwest USA, Central Illinois
Distribution: Slackware®
Posts: 12,867
Blog Entries: 27

Rep: Reputation: 2161

Welcome to LQ & Slackware!

Look at 'Security' section of 'Slackware-Links'.

Just a few more useful links;

Slackware® Essentials
Slackware® Basics
Linux Documentation Project
Rute Tutorial & Exposition
Linux Command Guide
Bash Reference Manual
Advanced Bash-Scripting Guide
Linux Newbie Admin Guide
Getting Started with Linux

The above links and others can be found at 'Slackware-Links'. More than just Slackware® links!
Old 09-22-2010, 10:36 PM   #7
LQ Newbie
Registered: Sep 2010
Location: Cairo
Distribution: Ubuntu 10.04LTS
Posts: 6

Original Poster
Rep: Reputation: 0
Thank you!

After a bit of tweaking and setups, it's up and running now. Thank you to you all, and the firewall is running great.

No issues, the slackware I remember.




All times are GMT -5. The time now is 02:59 PM.
