Re: Locking Down a Linux Box

From: Jason Giglio (jgiglio@netmar.com)
Date: 12/22/01


Date: Fri, 21 Dec 2001 20:51:27 -0500
From: Jason Giglio <jgiglio@netmar.com>
To: Jon Larabee <jlarabee@greenapple.com>

On Fri, 21 Dec 2001 17:45:25 +0000 (/etc/localtime)
Jon Larabee <jlarabee@greenapple.com> shared with the world:

> 2) Kill ALL non needed services from inetd. Many come enabled by default,
> and are entirely insecure. Things like pop3 servers, rpc, ftpd, telnetd
> ect all can be disabled from either the rc startup files (found in etc) or
> in inetd.conf
> often found in /etc/inetd.conf

Just so you know,

a) Red Hat's default install turns off almost every service, with the exception of SSH and portmap.

b) Red Hat 7.2 uses Xinetd, so the configs are in /etc/xinetd.d/filename, where filename is the name of the service. Each service has it's own file in there, and the configs are in a data-structure sort of format.

(Hint: change disable=no, or disable=yes, to turn on and off)

One may also just type "setup" at a root prompt to control service activity. This mostly only works with non-inetd based services.

>
> 3) Install SSHD 3.x and set it to run, so you can remotely access and
> congfigure things.
>

On by default.

Your other suggestions are good, but you left out registering with the Red Hat Network, and running up2date -u to update the system with all patches. This is probably the most important step, other than turning off unneeded services. Be sure to update often, or turn on the update push feature. I have not had good luck getting update push to work right though, so don't trust it until you know it is working.