Re: Re: Tutorial for optimizing security on a non-server Lin…

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Michael Havens
Date:  
To: plug-discuss
New-Topics: Re: Tutorial for optimizing security on a non-server Linux system (possible installfest activity?)
Subject: Re: Re: Tutorial for optimizing security on a non-server Linux system




:-)Mike(-:
>      I would like to claim that it was not my fault, but the fact that 
>I ran a service as root that was unnecessary means it was my fault. 


--Well, seeing as how I got a job that pays some money (yeaaaaah) and will be able to get DSL soon it is a good thing that people are helping me learn to lock down my system.

> highly recommend chacking it out: <http://cisecurity.org/> Not only
>does it tell you what to do, it tells you why. The scoring tool is
>non-invasive and will make no changes on your system - they leave that
>up to you.


>I scripted the benchmark for my Debian servers (pretty easy - you'll see
>once you download the benchmark - they give you the code to create the
>script). I now lockdown my Debian boxes by running 2 scripts.


--downloaded from cisecurity?

>Another great learning experience is Bastille - it will ask you
>questions and harden your system based on your answers. Bastille is
>available in RPM format is is a perl script. It will make changes on
>your system.


-- I would think the cisecurity option would be a better learning opportunity if I can download it for debian (fakeroot alien -r <rpm package>?)

Finally, the aforementioned Securing and Optimizing Red Hat Linux by
openna is pretty good. Very long read (yes, even longer than this
post), but still good.
</soapbox>

--What is this 'openna'?






This message has been scanned for viruses by the VEI Internet
Automatic Email Spam and Virus Scanner, and is believed to be free of spam or viruses.
Please report spam to . If you would like 98.9 % spam blocked from your
E-mail then go to VEI Internet for details. Anti-spam/Anti-virus is FREE with every account.


http://www.vei.net/

---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss