Vulnerability Development mailing list archives

Re: Securing of systems....


From: "Brooke, O'neil (EXP)" <o'neil.brooke () LMCO COM>
Date: Tue, 1 Aug 2000 10:27:34 -0400

Hi

        It would have been helpful if you had included in your message the
distribution of Linux that you plan on using. I know that there are projects
to build secure RedHat's. I'm not sure about the other distributions.
OpenBSD is supposed to be very secure and there is probably a lot of
information on securing FreeBSD. If you are expecting to find an
all-inclusive Security-how-to you will be looking for a long time. ;)

        I would recommend that you buy some good books. I read Hacking
Exposed and thought that was a good book. Essentially you are going to have
to review all exposed ports on the machine (do a port scan yourself).
Investigate each of those exposed ports, find out why they are open, find
out if they NEED to be open (if it's not essential then kill it!), find out
if there are any patches for the ESSENTIAL applications.

        Never give out shell access to the machine. If someone gets shell
and has a bit of intelligence and the desire to, they will root your
machine.

        Keep these machines single purpose machines. They will be easier to
secure and may be more stable if fewer applications are running or
installed. If you do not absolutely NEED a web server on it, don't install
one. Kill FTP. Kill telnet and use ssh.

        Locking a system down is a matter of stripping everything out and
allowing only those applications that are absolutely required to fulfill the
stated requirements. Once you have your short list of applications you need
to be sure that they do not introduce any vulnerabilities.

        Another precaution would be to search the net for 'root kits' and
examine them. Find a way to detect if your binaries have been modified.
There are applications that will do this for you, but you will be better
served if you were to learn how to do this yourself.

        Since it's only a game server you should not trust it and consider
that it has been rooted. This level of mistrust should pervade all of your
application and/or network designs. For example these game servers should
be segmented off of your main network in such a way that sniffers installed
on it would not pick up any vital data. If you need to pass information
between your game servers and a trusted computer, secure that link so that it
cannot be exploited in the event that the machine is compromised.

        Hope this helps a bit

O'Neil

-----Original Message-----
From: Snehal Dasari [SMTP:pavehawk () NAPALM NET]
Sent: Monday, July 31, 2000 5:39 AM
To:   VULN-DEV () SECURITYFOCUS COM
Subject:      Securing of systems....

Hi,

I'm not exactly sure if this is the right group to post to, so my
apologies if it is.

I was recently contacted by an ISP to build up some Linux servers to act as
their game servers.  And that's sort of my problem.

Basically, these are going to be high profile machines (as far as gaming
machines go) and I'd like to secure them as best as possible.  I play with
Linux on a personal scale, but have never deployed Linux in a commercial
environment.

The question I'm asking is this:

Is there any document on the net that pertains to securing a Linux box
used for commercial purposes?  I've had a look and I cannot see a document
of any use.  There are program specific (ipchains-HOWTO) but they give you
the in-depth of it all. I'm sort of looking for a document that covers it at
a higher level.

These servers will be running multiple game servers from each unit.

Regards,
Snehal Dasari
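
Added example, not part of the original thread: one way to act on the reply's advice to learn how to detect modified binaries yourself, by recording a baseline of hashes and permission bits and comparing later snapshots against it. The function names and the sample directory contents are assumptions made for illustration.

```python
import hashlib
import os
import stat
import tempfile

def snapshot(root):
    """Map relative path -> (sha256, mode bits, uid, gid) for regular files under root."""
    snap = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: record the entry itself, never a symlink target
            if stat.S_ISREG(st.st_mode):
                with open(path, "rb") as fh:
                    digest = hashlib.sha256(fh.read()).hexdigest()
                snap[os.path.relpath(path, root)] = (
                    digest, stat.S_IMODE(st.st_mode), st.st_uid, st.st_gid)
    return snap

def compare(baseline, current):
    """Return sorted (path, finding) pairs for everything that differs from the baseline."""
    findings = []
    for path in sorted(baseline.keys() | current.keys()):
        old, new = baseline.get(path), current.get(path)
        if old is None:
            findings.append((path, "added"))
        elif new is None:
            findings.append((path, "removed"))
        else:
            if old[0] != new[0]:
                findings.append((path, "content changed"))
            if old[1:] != new[1:]:
                findings.append((path, "mode or owner changed"))
    return findings

def demo():
    """Constructed sample: a throwaway directory with made-up files stands in for /bin."""
    with tempfile.TemporaryDirectory() as root:
        def put(name, data, mode=0o755):
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
            os.chmod(os.path.join(root, name), mode)
        for name in ("ls", "ps", "netstat"):
            put(name, b"original " + name.encode())
        baseline = snapshot(root)
        put("ps", b"modified ps")            # same name and mode, different bytes
        put("ls", b"original ls", 0o4755)    # same bytes, setuid bit added
        put("sshd2", b"unexpected")          # file that was never in the baseline
        os.remove(os.path.join(root, "netstat"))
        return compare(baseline, snapshot(root))
```

Keep the baseline, and ideally the checker itself, on read-only media or another host, since a compromised machine cannot be trusted to report on its own files.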

