Re: Linux Web Server Hardening (LAMP + Wiki)

[Jason M <jmillette () datavalet com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Eric,

This is a ridiculous piece of FUD and certainly does not help the
gentleman with his question. In the future please keep your baseless
comments to yourself. This list is not the place for your to shill
your preferred OS, but for facts concerning security.

Whew, happy that is out of the way
(and much more polite than I thought it would be)

Having said that:

Hi Jeff, I would start here:

http://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/operating_systems.shtml

This is way overkill for your average LAMP stack, but will give you a
 good idea as to how far you can go.

For a more simplified checklist style that will get you most of the
way have a look at:

www.sans.org/score/checklists/linuxchecklist.pdf

Good luck, and happy hardening :)





On 01/28/2013 03:19 AM, Eric Furman wrote:
> Don't use Linux. It is insecure. Use Windows or one of the BSDs. 
> All are much more secure.
>
> On Fri, Jan 25, 2013, at 04:31 PM, Jeffrey Walton wrote:
> > Hi All,
> >
> > Is anyone aware of a hardening guide for a Linux LAMP server with
> > a Wiki component?
> >
> > I have an older Linux Server hardening book, but nothing recent.
> > I have not seen a Wiki hardening document.
> >
> > Thanks in advance,
> >
> > Jeff
> >
> > ------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
> > In this guide we examine the importance of Apache-SSL and who
> > needs an SSL certificate.  We look at how SSL works, how it
> > benefits your company and how your customers can tell if a site
> > is secure. You will find out how to test, purchase, install and
> > use a thawte Digital Certificate on your Apache web server.
> > Throughout, best practices for set-up are highlighted to help you
> > ensure efficient ongoing management of your encryption keys and
> > digital certificates.
> >
> > http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
- ------------------------------------------------------------------------
> >
>
> ------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs
> an SSL certificate.  We look at how SSL works, how it benefits your
> company and how your customers can tell if a site is secure. You
> will find out how to test, purchase, install and use a thawte
> Digital Certificate on your Apache web server. Throughout, best
> practices for set-up are highlighted to help you ensure efficient
> ongoing management of your encryption keys and digital
> certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
- ------------------------------------------------------------------------
>

- -- 
Jason Millette
System Administrator \ Wireless Security Specialist

Datavalet
5275 Queen Mary
Montreal, Quebec
H3W 1Y3

t: (866) 532-4448 x169  f: (514) 385-6660

Notice: This message is confidential and privileged. If you are not
the addressee, please inform the sender by return e-mail immediately
and delete this message and destroy all copies.

Avis : Ce message est confidentiel et protégé par le secret
professionnel. Si vous n’êtes pas le destinataire, veuillez informer
l’expéditeur par courrier électronique immédiatement et effacer ce
message et en détruire toute copie.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJRBqUiAAoJENXxxWMec3nNGAAH/jKU+goK/ZeMA2+8pQoeIO9R
CpKbycyhzYrGpFgbUxpV5LKzH3z/+KKNRnACsYWoqcw/V6b/kiwvQ6OymrYDPbe1
3zKcsmRxjbI8AydNYhzPND3wupfIstWh0Pnia68Qu0/HmuBgqRLac/w4bX5L+2sj
qLeVDyLroVhqR+oyb829YMezU+O85ht6MRKUvKiIxCN0fUXxR5+dJcoDMt6+pBi4
ax426LG7xtfOQScZiXj+IhCoMwAfs9JPA3TkgoINg+insMIZU+8tOGKkdm6/ayNx
fdsc5idqGYrJRhjqMs4Y9ZzapgJJz0v2d8MlR4T/9VAAIv9ZUtyHQBzaa5oaz8w=
=Hm4b
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------