Re: Securing Fedora Core 4

From: Cocobu (cocobu_at_mail.pf)
Date: 09/23/05

  • Next message: AragonX: "Re: Securing Fedora Core 4"
    Date: Fri, 23 Sep 2005 08:18:28 -1000
    To: AragonX <aragonx@dcsnow.com>
    
    

    A good idea is patching the kernel with grsecurity
    (http://www.grsecurity.net/)

    Just my 2 cent.

    AragonX a écrit :

    >I am trying develop a method to secure my servers. I'll list the steps I
    >am going to take. Can you please review and make any additional
    >suggestions. Thank you.
    >
    >Install & configure Tripwire http://sourceforge.net/projects/tripwire/
    >Install & configure Snort http://www.snort.org/
    >Install & configure Bastille http://www.bastille-linux.org/
    >Install & configure LIDS http://www.lids.org/
    >Install & configure modsecurity http://www.modsecurity.org/
    >Install & configure chkrootkit http://www.chkrootkit.org/
    >install dansguardian http://www.dansguardian.org
    >install squid http://www.squid-cache.org/
    >Install & configure DCC http://www.dcc-servers.net
    >Install & configure Pyzor http://pyzor.sourceforge.net
    >Install & configure Razor http://razor.sourceforge.net
    >install & configure Clamav http://www.clamav.net
    >Install & configure MailScanner http://www.sng.ecs.soton.ac.uk/mailscanner/
    >Install & configure Ntop http://www.ntop.org/
    >Install & configure Spamassassin http://spamassassin.apache.org/
    >install root access email command
    >create a seprate /tmp partition and mount noexec, nosuid
    >
    > Configure Apache
    >configure for php safe mode
    >configure /internal web directory w/ access from private network only
    >configure /external web directory w/ password authentication
    >
    > Configure SSH
    >respond on alternate port
    >only allow me to logon
    >
    > Configure Fireall:
    >only allow access to ssh from my domains
    >
    >
    >
    >
    >
    >


  • Next message: AragonX: "Re: Securing Fedora Core 4"

    Relevant Pages

    • Re: Securing Fedora Core 4
      ... implementation...I've personally never played with any of the features ... but I know that most linux forums are plastered with comments/tips ... > install root access email command ... > Configure SSH ...
      (Focus-Linux)
    • Re: [PATCH 0/7] Integrity Service and SLIM
      ... the people who will deliver and support this into the target ... We were asked to submit this in small pieces to make the review easier, ... Will IBM work at splitting ssh so that trusted/untrusted portions are ... The trousers project at sourceforge already has provided TPM support ...
      (Linux-Kernel)
    • Securing Fedora Core 4
      ... I am trying develop a method to secure my servers. ... Can you please review and make any additional ... configure /internal web directory w/ access from private network only ... Configure SSH ...
      (Focus-Linux)
    • Re: traffic encryption
      ... ??>> What existing technologies can you recommend to review? ... U> ssh? ... but has some inconvenience: entering password before ... among thousands of clients. ...
      (comp.security.unix)
    • Re: No way to launch an X application under FC4
      ... akonstam@trinity.edu a écrit: ... >>Best regards ... >Is this that when you ssh to the machine? ... To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list ...
      (Fedora)