Re: Securing Fedora Core 4

From: Ryan Cummings (l00t3r_at_gmail.com)
Date: 09/23/05

Next message: barti: "Re[2]: Securing Fedora Core 4"

Previous message: Cocobu: "Re: Securing Fedora Core 4"
In reply to: AragonX: "Securing Fedora Core 4"
Next in thread: barti: "Re[2]: Securing Fedora Core 4"
Reply: barti: "Re[2]: Securing Fedora Core 4"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 23 Sep 2005 16:43:49 -0400
To: AragonX <aragonx@dcsnow.com>

You should take some time and do some reading on SElinux
implementation...I've personally never played with any of the features
but I know that most linux forums are plastered with comments/tips
about it. http://fedora.redhat.com/projects/selinux/

On 9/21/05, AragonX <aragonx@dcsnow.com> wrote:
> I am trying develop a method to secure my servers. I'll list the steps I
> am going to take. Can you please review and make any additional
> suggestions. Thank you.
>
> Install & configure Tripwire http://sourceforge.net/projects/tripwire/
> Install & configure Snort http://www.snort.org/
> Install & configure Bastille http://www.bastille-linux.org/
> Install & configure LIDS http://www.lids.org/
> Install & configure modsecurity http://www.modsecurity.org/
> Install & configure chkrootkit http://www.chkrootkit.org/
> install dansguardian http://www.dansguardian.org
> install squid http://www.squid-cache.org/
> Install & configure DCC http://www.dcc-servers.net
> Install & configure Pyzor http://pyzor.sourceforge.net
> Install & configure Razor http://razor.sourceforge.net
> install & configure Clamav http://www.clamav.net
> Install & configure MailScanner http://www.sng.ecs.soton.ac.uk/mailscanner/
> Install & configure Ntop http://www.ntop.org/
> Install & configure Spamassassin http://spamassassin.apache.org/
> install root access email command
> create a seprate /tmp partition and mount noexec, nosuid
>
> Configure Apache
> configure for php safe mode
> configure /internal web directory w/ access from private network only
> configure /external web directory w/ password authentication
>
> Configure SSH
> respond on alternate port
> only allow me to logon
>
> Configure Fireall:
> only allow access to ssh from my domains
>
>
>
>

Next message: barti: "Re[2]: Securing Fedora Core 4"

Previous message: Cocobu: "Re: Securing Fedora Core 4"
In reply to: AragonX: "Securing Fedora Core 4"
Next in thread: barti: "Re[2]: Securing Fedora Core 4"
Reply: barti: "Re[2]: Securing Fedora Core 4"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]