On Fri, 15 Apr 2011, Stephen wrote:

> on security i can read, there is quite a bit out there, but its a
> muddy mess to know who is talking out their collective backside and
> who actually is giving you something useful. I do know we have some
> very good security geeks here and hope to borrow (beg) some pearls of
> wisdom.

Take and test periodic backups

Run your updates

Only run network listening services that you intend to; remove 
un-used packages, disable unused accounts, disable shell 
access where not appropriate (email only type clients)

As possible add wrappers, and iptables to restrict unwanted 
probes (does a netblock from Bulgaria REALLY need to connect 
to your box?)

Read your log files, and if repeated probes, dictionary 
attacks are occurring, consider rate limiting such (see 
fail2ban, and the like)

http://www.pmman.com/usage/hardening/

-- Russ herrold
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss