RE: Linux security

From: Paul Farag (paul_at_farag.ws)
Date: 08/08/03

  • Next message: Manuel Lanctôt: "RE: Nessus/keyloggers"
    To: "'vincent'" <pros-n-cons@bak.rr.com>, <security-basics@securityfocus.com>
    Date: Fri, 8 Aug 2003 09:21:02 -0700
    
    

     
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    <GENTOO PLUG>
    Just thought I'd add http://www.gentoo.org/doc/en/gentoo-security.xml as
    well. The instructions are specific to securing a Gentoo installation,
    but the ideas are pretty universal.
    </GENTOO PLUG>

    - -----Original Message-----
    From: vincent [mailto:pros-n-cons@bak.rr.com]
    Sent: Thursday, August 07, 2003 3:32 PM
    To: security-basics@securityfocus.com
    Subject: Re: Linux security

    On Tue, 05 Aug 2003 17:12:53 -0500
    John Jairo Florez Torres <jjflorez@uninorte.edu.co> said:

    > Hi.
    >
    > I would thanks information about security in Linux:
    >
    > 1. Securing a linux server (specially Redhat). Installing and
    administering
    > a linux server in a secure form

     Redhat itself posts security documentation with every release. For
    the most recent see the following link. (this is mostly in general)
    http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/security-guide/

     For a more indepth idea of security see an old but (mostly) still
    applicable
    book/paper called Securing & Optimizing linux
    http://www.tldp.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3
    /
    Neither is a definitive guide to security, only a great place to start.

    > 2. Why is linux more secure than windows

     This is debatable but in my opnion because if the machines job is just
    to be a
    squid server (for instance) why does it need IE, RPC, netbios, etc, etc.
    all software is insecure to some degree so why not lessen the chances by
    installing
    less software?

    > 3. Securying Squid
    > Thanks a lot
    > JohnF
    >
    >
    >
    - ------------------------------------------------------------------------
    - ---
    >
    - ------------------------------------------------------------------------
    - ----
    >

    - ------------------------------------------------------------------------
    - ---
    - ------------------------------------------------------------------------
    - ----

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 8.0

    iQA/AwUBPzPN7gQXodFMLSObEQJXQQCgnhwR76pfYRKrLxr5IUvY8KrUWfQAnjPL
    vyj+FOs+B+qdmzRn9mjTcGIb
    =zV3+
    -----END PGP SIGNATURE-----

    ---------------------------------------------------------------------------
    ----------------------------------------------------------------------------


  • Next message: Manuel Lanctôt: "RE: Nessus/keyloggers"

    Relevant Pages

    • RE: [Full-Disclosure] Re: January 15 is Personal Firewall Day, he lp the cause
      ... supply of patches (Windows NT4/95/98) these systems should go offline ... Security is always a trade-off. ... This is how Linux and other ... Apache virtually owns the market with more than 60%. ...
      (Full-Disclosure)
    • SecurityFocus Linux Newsletter #39
      ... Subject: SecurityFocus Linux Newsletter #39 ... Need to keep track of the latest vulnerability information? ... vulnerabilities for both security product vendors and corporate security ... NEW PRODUCTS FOR LINUX PLATFORMS ...
      (Focus-Linux)
    • RE: Linux hacked
      ... Subject: Linux hacked ... After you boot up into the OS running from CD, ... >> First let me say I'm a security novice. ... >> been unsuccessful in getting root back. ...
      (Security-Basics)
    • Re: Community responsibility and abuse (2): the case of top-
      ... Without ANY evidence of ANY security problems you try ... PLEASE PROVIDE EVIDENCE OF ANY ... evidence that Linux is anywhere near as insecure as windows. ... Still no "spacific evidence that Linux is anywhere near as insecure as ...
      (alt.linux)
    • Re: testing laptop based on bsd anyone
      ... "A new linux distribution for Wardrivers" ... I wasn't speaking about the relative strengths of security measures within ... As attacks through web applications continue to rise, ... vulnerability management needs. ...
      (Pen-Test)