Re: Linux HardeningFrom: Pierre Spielmann (firstname.lastname@example.org)
- Previous message: Scott Gifford: "Re: Linux Hardening"
- Maybe in reply to: Fallon, Benjamin: "Linux Hardening"
- Next in thread: Kurt Seifried: "Re: Linux Hardening"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 25 May 2002 12:44:39 +0200 From: Pierre Spielmann <email@example.com> To: firstname.lastname@example.org
sorry for the late posting, but my first mail was rejected due to
cross posting ...
On Wed, May 22, 2002 at 12:29:14PM -0400, Fallon, Benjamin wrote:
> Anyone know where I can find step-by-step documentation
> on Hardening RH Linux boxes? I usually just use Bastille
> Linux to do the hardening but I'd also like a better
> understanding to be able to also perform the task manually
> as well.
I am still a beginner in the security field, but learning; there might
be much more and much better documentation out in the web, but...
There is a book about securing and optimizing RH Linux 6.2 (about 500
pages), which should give you some hints where to start. It is freely
title : "Securing and Optimizing Linux Red Hat Edition - A Hands on Guide"
author: Gerhard Mourani, <email@example.com>
Some things mentioned there will never outdate, but anyhow, you can buy a
more recent version on the websites of the original autor(s):
There should also be some detailed explanations of what bastille is doing
in the documentation - I never used it, but I read somewhere, that there
is an command-line-option for "beginners" to explain step-by-step what the
scripts are going to do next. (This is also one of the things in my
There is also a really big book about securing linux (nearly 900 pages)
title: Maximum Linux Security
by: John Ray
I don't know it (yet), but "Maximum Security" from the same editor is
really a nice introduction about IT security in general. (No codes given,
but a lot of links to the internet-resouces.)
Otherwise you can also have a look at www.guardiandigital.com, they are
the publisher of www.linuxsecurity.com and they published also a really
secured linux-distribution: www.engardelinux.org (much more than simply
hardening scripts! It is _designed_ to be secure.) Try out EngardeLinux,
look how it works and you will have a much better feeling how to set up
a secure Linux.
(Please no flame! I know that the bastille script is a good tool, but as
I understand this is only one part of a secure setup.)
Have a look at the resources on theier websites... you can find a lot of
links to interesting articles.
Hope I could give some helpful tips. If someone has some more suggestions,
references or reading tips, share them with all the beginners to security
questions and post them!