Security Basics mailing list archives
Re: Linux hardening
From: Jayson Anderson <sonick () sonick com>
Date: Tue, 23 Aug 2005 09:16:13 -0700
Perhaps it is assumed in one of those packages, and if so I beg your pardon; but have you located, identified and demoted to the functional minimum (if not outright shredded) every single suid and sgid binary on the box? 'find' coupled with spatial deduction and a lot of 'whatis' is one of the most indispensable and telling hardening methods available. For that matter, 'find'ing and enumerating everything world-accessible is almost equally important. 'whatis' is a great ally during this procedure. Very mundane, but the return on investment is outstanding.

Best of luck,
Jayson

On Tue, 2005-08-23 at 07:09 -0500, James Leighe wrote:
> I would recommend trying out Bastille Linux; it's basically a Perl script that interactively hardens your installation. If nothing else it's a time saver... and who knows, maybe it includes a security tweak that you did not think to do yet.
>
> On 20/08/05, AragonX <aragonx () dcsnow com> wrote:
>> I had an intrusion on one of my servers and am in the process of hardening it (after a reinstall). I'm using Fedora Core 4. I've taken all the basic steps (shutting down unused services etc.) and have done the following:
>>
>> Installed Smoothwall on a separate box.
>> Installed & configured AIDE, Snort and chkrootkit
>> Ran Bastille
>>
>> I am in the process of configuring LIDS. I'm using LIDS instead of SELinux because it's easier for me to configure. My next and final step will be to install mod_security.
>>
>> The server performs the following tasks:
>>
>> Web (Squirrelmail, eGroupWare, myPhpAdmin and others) and email serving to the internet.
>> File, print and DHCP serving to my local network.
>>
>> I'm looking for more preventative measures. It appears that LIDS and mod_security are the only ones in that role now. Should I jail apache? Would that give me any benefits over what LIDS provides?
>>
>> Thank you in advance.
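The find/whatis audit described in the reply at the top of this message, as an added example that is not part of the original thread: it enumerates setuid/setgid files and world-writable paths under a directory and flags setuid/setgid files missing from a reviewed allowlist. The function names and the allowlist file format (one absolute path per line) are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Function names and the allowlist file
# format (one absolute path per line) are assumptions for illustration.

# Regular files with the setuid (4000) or setgid (2000) bit set.
# -xdev stays on one filesystem, so /proc and network mounts are skipped.
list_suid_sgid() {
    find "${1:-/}" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null
}

# World-writable files, and world-writable directories without the sticky bit
# (a sticky directory such as /tmp is writable by design and is not listed).
list_world_writable() {
    find "${1:-/}" -xdev \( \( -type f -perm -0002 \) -o \
        \( -type d -perm -0002 ! -perm -1000 \) \) -print 2>/dev/null
}

# One entry per setuid/setgid file: mode, owner:group, path, whatis summary.
report_suid_sgid() {
    list_suid_sgid "$1" | while IFS= read -r path; do
        meta=$(ls -ld "$path" | awk '{print $1, $3 ":" $4}')
        desc=$(whatis "$(basename "$path")" 2>/dev/null | head -n 1)
        printf '%s %s\n    %s\n' "$meta" "$path" "${desc:-no whatis entry}"
    done
}

# Setuid/setgid files that are NOT in the reviewed allowlist ($2).
unexpected_suid_sgid() {
    list_suid_sgid "$1" | grep -Fxv -f "$2" || true
}

# Run only when arguments are given: audit.sh ROOT [ALLOWLIST]
if [ "$#" -gt 0 ]; then
    report_suid_sgid "$1"
    echo "--- world-writable ---"
    list_world_writable "$1"
    if [ -n "${2:-}" ]; then
        echo "--- not in allowlist ---"
        unexpected_suid_sgid "$1" "$2"
    fi
fi
```

Once a file has been reviewed and does not need the privilege, `chmod u-s,g-s FILE` removes the bits; keeping the allowlist under version control makes later runs show only what changed.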