Securing Linux/Unix Outline

  1. How Secure is Secure?
    • Security is an attitude: Healthy Paranoia
    • Security is never a "Done Deal"
    • Security is a policy: Default Allow or Default Deny

  2. ALWAYS install the OS in a Pre-Secured Environment
    Examples of such:
    • A LAN protected by a firewall
    • A LAN disconnected from the WAN/Internet
    • An isolated, self-contained Test LAN

  3. Install the latest security patches, updates and packages

  4. Install the latest version of the SSH/SSL tools

  5. Disable ALL unnecessary services
    • netstat -a[n]
    • fuser -uv [service/protocol] (as root)
    • /etc/rc.d/rc.* (Slackware, etc.)
    • /etc/rc.d/init.d/* (RedHat, etc.)
    • /etc/inetd.conf
    • /etc/xinetd*

  6. Secure ALL necessary services
    • Use tcp-wrappers
    • Use packet-filters (ipfwadm, ipchains, iptables, etc.)
    • Sendmail: no relaying
    • Apache: limit access
    • DNS: run as a NON-root user

  7. Check important file permissions
    • Suid, Sgid programs:
      find / \( -perm -004000 -o -perm -002000 \) -type f -print
    • /var/log/*
    • /etc/*
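    As an added example (not part of the original outline), a small POSIX shell audit that wraps the find above, also lists world-writable files under /etc and /var/log, and compares the setuid/setgid list with a saved baseline so that a newly appeared privileged program stands out. The tree root and the baseline file path are arguments and are assumptions; run it against / as root for a real check.

```shell
#!/bin/sh
# Added example: audit a tree for setuid/setgid programs and world-writable
# files, and diff the privileged-program list against a saved baseline.
# ROOT and BASELINE are assumptions passed on the command line.

# Setuid/setgid regular files below $1, sorted, one path per line.
find_suid_sgid() {
  find "$1" \( -perm -004000 -o -perm -002000 \) -type f -print 2>/dev/null | sort
}

# World-writable regular files below $1 (meant for /etc and /var/log).
find_world_writable() {
  find "$1" -type f -perm -0002 -print 2>/dev/null | sort
}

# Print setuid/setgid files under $1 that are not listed in baseline file $2.
# Returns 1 when something new is found (or no baseline exists), else 0.
diff_against_baseline() {
  root=$1; baseline=$2
  current=$(find_suid_sgid "$root")
  [ -n "$current" ] || return 0
  if [ ! -r "$baseline" ]; then
    printf '%s\n' "$current"     # no baseline yet: everything counts as new
    return 1
  fi
  # -x: whole-line match, -F: literal paths; an empty baseline matches nothing
  new=$(printf '%s\n' "$current" | grep -vxF -f "$baseline" || true)
  [ -n "$new" ] || return 0
  printf '%s\n' "$new"
  return 1
}

# Usage: sh audit.sh ROOT [BASELINE]
# e.g.   sh audit.sh / /var/lib/suid-baseline.txt   (baseline path is an assumption)
if [ $# -gt 0 ]; then
  r=${1%/}
  echo "== world-writable files under $r/etc and $r/var/log"
  find_world_writable "$r/etc"; find_world_writable "$r/var/log"
  echo "== setuid/setgid programs not in baseline"
  diff_against_baseline "$1" "${2:-/dev/null}"
fi
```

Save the current list as the baseline right after a clean install, then rerun the script periodically; any path it prints is a privileged program that was not there before.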

  8. Watch the system

  9. Watch the news

  10. Watch the sites

  11. Read the books