Securing Linux/Unix Outline
- How Secure is Secure?
- Security is an attitude: Healthy Paranoia
- Security is never a "Done Deal"
- Security is a policy: Default Allow or Default Deny
- ALWAYS install the OS in a Pre-Secured Environment
Examples of such:
- A LAN protected by a firewall
- A LAN disconnected from the WAN/Internet
- An isolated, self-contained Test LAN
- Install the latest security patches, updates and packages
- Install the latest version of the SSH/SSL tools
- Disable ALL unnecessary services
- netstat -a[n]
- fuser -uv [service/protocol] (as root)
- /etc/rc.d/rc.* (Slackware, etc.)
- /etc/rc.d/init.d/* (RedHat, etc.)
- /etc/inetd.conf
- /etc/xinetd*
- Secure ALL necessary services
- Use tcp-wrappers
- Use packet-filters (ipfwadm, ipchains, iptables, etc.)
- Sendmail No Relaying
- Apache Limit Access
- DNS Run as NON-root user
- Check important file permissions
- Suid, Sgid programs:
find / \(-perm -004000 -o -perm -002000 \) -type f -print
- /var/log/*
- /etc/*
- Watch the system
- Watch the news
- Watch the sites
- Read the books