TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [TCLUG:5793] security

On Tue, May 04, 1999 at 08:03:19AM -0500, Tim Wilson wrote:
> Good morning everyone,
> I've been thinking about security on my server lately. I've realized that
> I really need to get up to speed on security issues before my system gets
> cracked. I've been reading some docs on the subject, but I thought the
> entire list might benefit from this question. (Incidentally, I suppose
> this would be a good topic for the FAQ-O-matic, but I was having trouble
> figuring out how to use it. It didn't seem to want to accept my password.)
> Let's assume that you've got a newly installed Linux system on a
> brand-spankin'-new server. RedHat for example. Let's say that this machine
> will be a file server on a LAN with a mixture of Win9x/NT and Linux
> client. You will also be running a web server, ftp server, and would like
> to allow remote access from home for administration purposes. Once the
> system is installed, what steps should you take to secure the system?
> Let's contribute a list of steps, put them into some order, and place it
> on the TCLUG website or in the FAQ-O-matic. Here are some initial
> suggestions (incomplete, and in no particular order).
> 1. Install SSH on the server. Go to
> to download SSH.
> 2. Make sure you install TCP Wrappers to make some rules for allowing and
> disallowing access to services.
> 3. Read the Security-HOWTO at the Linux Documentation Project website
> (
> 4. Read the Linux Administrators Security Guide at
> Well that's a small start. Would others of you be interested in adding
> your $0.02?
> -Tim
> --
> Timothy D. Wilson			"A little song, a little dance,
> University of MN, chem. dept.		a little seltzer down your 
>			pants."   -Chuckles the Clown
> Phone: (612) 625-9828                       as eulogized by Ted Baxter

Thats a good start.  Now remember to disable any ports that your not using.  If you decide to run a ftp server make sure it is a secure variety. Like sftpd etc.  Other wise there is not point in running ssh because the ftp passwords are sent via clear text.


> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:
> Try our website: