security

[Tim Wilson <wilson@chemsun.chem.umn.edu>]

Good morning everyone,

I've been thinking about security on my server lately. I've realized that
I really need to get up to speed on security issues before my system gets
cracked. I've been reading some docs on the subject, but I thought the
entire list might benefit from this question. (Incidentally, I suppose
this would be a good topic for the FAQ-O-matic, but I was having trouble
figuring out how to use it. It didn't seem to want to accept my password.)

Let's assume that you've got a newly installed Linux system on a
brand-spankin'-new server. RedHat for example. Let's say that this machine
will be a file server on a LAN with a mixture of Win9x/NT and Linux
client. You will also be running a web server, ftp server, and would like
to allow remote access from home for administration purposes. Once the
system is installed, what steps should you take to secure the system?

Let's contribute a list of steps, put them into some order, and place it
on the TCLUG website or in the FAQ-O-matic. Here are some initial
suggestions (incomplete, and in no particular order).

1. Install SSH on the server. Go to
ftp://ftp.replay.com/pub/crypto/crypto/SSH/ to download SSH.

2. Make sure you install TCP Wrappers to make some rules for allowing and
disallowing access to services.

3. Read the Security-HOWTO at the Linux Documentation Project website
(http://metalab.unc.edu/mdw/linux.html)

4. Read the Linux Administrators Security Guide at
http://www.seifried.org/lasg/

Well that's a small start. Would others of you be interested in adding
your $0.02?

-Tim

--
Timothy D. Wilson			"A little song, a little dance,
University of MN, chem. dept.		a little seltzer down your 
wilson@chem.umn.edu			pants."   -Chuckles the Clown
Phone: (612) 625-9828                       as eulogized by Ted Baxter