RE: Secure host newbie

[Bénoni MARTIN <Benoni.MARTIN () libertis ga>]

Hummm... IpTables is not so difficult than that, and neither Apache!! You can have a correct config. of both of them 
being a newbie:) And everyone has been a newbie one day!

Quick tools to secure your RH could be Bastille and FWbuilder (www.fwbuilder.org). the first one audits your machine 
and offers a basic security of your machine, and the second one is a GUI for IPTables/IPChains/PIX/..., quite a good 
tool!





-----Message d'origine-----
De : Xilo Musimene [mailto:xilopublic1 () ca inter net] 
Envoyé : mercredi 31 mars 2004 15:35
À : Niek; security-basics () securityfocus com
Objet : Re: Secure host newbie

> Don't expect to be an expert on specific topics such as 
> iptables/apache/ect.
> The linux 2.4 firewalling, and the apache daemon are both complex entities.
> Even tho you can read a lot about them in a few days, I find you need to 
> grow
> accustomed to them. Both have a whole lot op options, security settings,
> and of course best practices to follow.

I expect to be as careful as possible with these topics.  Once I'll have 
a firewall I'll most probably ask you guys if my rules set is good...

> Furthermore, I would _NOT_ recommend using any non-commercial Redhat 
> version
> on a production machine. As mentioned before, Redhat stopped (will stop) 
> support
> for the non-commercial Redhat.
> Vanilla Redhat 7.3 is exploitable in many ways. I personally like 
> Slackware,
> but any distro that has an eye for security/support/ect will do.

Please stop telling me RedHat 7.3 is a bad choice, I have no control 
over what distribution is installed.

All I can do is try to secure it myself.

Thanks,
   Simon


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------




---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------