[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Good morning everyone,
I've been thinking about security on my server lately. I've realized that
I really need to get up to speed on security issues before my system gets
cracked. I've been reading some docs on the subject, but I thought the
entire list might benefit from this question. (Incidentally, I suppose
this would be a good topic for the FAQ-O-matic, but I was having trouble
figuring out how to use it. It didn't seem to want to accept my password.)
Let's assume that you've got a newly installed Linux system on a
brand-spankin'-new server. RedHat for example. Let's say that this machine
will be a file server on a LAN with a mixture of Win9x/NT and Linux
client. You will also be running a web server, ftp server, and would like
to allow remote access from home for administration purposes. Once the
system is installed, what steps should you take to secure the system?
Let's contribute a list of steps, put them into some order, and place it
on the TCLUG website or in the FAQ-O-matic. Here are some initial
suggestions (incomplete, and in no particular order).
1. Install SSH on the server. Go to
ftp://ftp.replay.com/pub/crypto/crypto/SSH/ to download SSH.
2. Make sure you install TCP Wrappers to make some rules for allowing and
disallowing access to services.
3. Read the Security-HOWTO at the Linux Documentation Project website
4. Read the Linux Administrators Security Guide at
Well that's a small start. Would others of you be interested in adding
Timothy D. Wilson "A little song, a little dance,
University of MN, chem. dept. a little seltzer down your
firstname.lastname@example.org pants." -Chuckles the Clown
Phone: (612) 625-9828 as eulogized by Ted Baxter