In addition to Liberty Young's comments, I would like to say two things:
1. There is no such thing as a secure computer when there is physical access
to it.
2. Lock down a Linux box procedure:
<
http://www.georgetoft.com/linux/security/locking/checklist.shtml>
George
Quoting Steve Hasz <
steve@roatanet.com>:
> Dear PLUG Members,
>
> Hello to the people I know on the list. I attended a couple of meetings,
> although I'm not in Phoenix as often as I was.
>
> I'm doing a volunteer project with some guys using an Open Source mapserver
> tool to show changing environmental conditions in Central America.
>
> We have a brand spanking new server and install of Redhat, including an IP
> to the machine and a domain set up in DNS. It's setting at a University
> and
> will be used as the server for the mapserver app which will be served up on
> the web to those interested. It will be a dual use machine to get people in
> the department interested in Linux as a workstation as well, but won't see
> too much use in that regard. I'm able to SFTP and SSH in to look around.
> I'm about 5,000 miles away, but there is a set of hands there with the
> server.
>
> I'm somewhat familiar with FreeBSD, since I run a VPS at Verio, so
> understand the basics of using the command line and Apache and config
> files.
> My question is about security. We want to get the server secure before we
> open it up as a webserver. Is there a pointer where I can get a detailed
> walkthrough about disabling services, which to disable, what to lock down
> and how?
>
> Best,
> Steve
> www.roatanet.com - Visitors Guide to Roatan and the Bay Islands
> www.travel-to-honduras.com - Your Travel Guide to Honduras
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
(text/plain)