Re: Linux Hardening
From: Diederik Damen (diederik@tux.hn.org)Date: 05/23/02
- Previous message: Nick Drage: "Re: Linux Hardening"
- Maybe in reply to: Christian Schneider: "Re: Linux Hardening"
- Next in thread: epic@surrealideas.com: "Re: Linux Hardening"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 23 May 2002 17:47:50 +0200 (CEST) From: Diederik Damen <diederik@tux.hn.org> To: "Fallon, Benjamin" <bfallon@Businessedge.com>
I just use iptables to filter, disable all the services I don't need,
compile a custom kernel,
set openssh to version 2 only and don't accept pwds (in some cases only dsa-keys)
and check remotely with nmap/nessus to see what's still reachable
also try to make all services that are running and reachable not-show
their version.
so all manually, no tools that do the work for me.
regards,
Diederik
> Date: Wed, 22 May 2002 12:29:14 -0400
> From: "Fallon, Benjamin" <bfallon@Businessedge.com>
> To: security-basics@securityfocus.com
> Cc: focus-linux@securityfocus.com
> Subject: Linux Hardening
>
> Anyone know where I can find step-by-step documentation
> on Hardening RH Linux boxes? I usually just use Bastille
> Linux to do the hardening but I'd also like a better
> understanding to be able to also perform the task manually
> as well.
>
> Thanks,
>
> Ben
>
--
Lord of the Rings LITE(tm)
-- by J.R.R. Tolkien
Some guys take a long vacation to throw a ring into a volcano
One Unix to rule them all, One Resolver to find them,
One IP to bring them all and in the zone to bind them.
- Previous message: Nick Drage: "Re: Linux Hardening"
- Maybe in reply to: Christian Schneider: "Re: Linux Hardening"
- Next in thread: epic@surrealideas.com: "Re: Linux Hardening"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
