homepage Welcome to WebmasterWorld Guest from 54.234.2.88
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
Forum Library, Charter, Moderators: bakedjake

Linux, Unix, and *nix like Operating Systems Forum

    
Linux security
Looking for the best source for linux security concerns
mghaught




msg:914808
 1:40 am on Aug 2, 2001 (gmt 0)

As a new linux admin, with no *nix admin experience, I'm looking for a good source for linux security. I've done a redhat 7 install and am now running apache, mysql, and jakarta tomcat.

I've also seen my access logs and watched various hacker attacks on my box. Luckily, they've all failed but I have no confidence to expect a default install will hold off all attacks. At this point I would like to get more familiar with linux security and know if there's anything I should automatically do after a basic redhat7 install?

Thx!

 

littleman




msg:914809
 2:28 am on Aug 2, 2001 (gmt 0)

I'm just a novice too, but [linuxsecurity.com...] seemed to have a lot of good information. It is a little commercial, but the resources section has links to a lot of good documentation.

bartek




msg:914810
 5:29 am on Aug 2, 2001 (gmt 0)

These will get you started too...
Armoring Linux [enteract.com]
satan security tool [fish.com]
packetstorm [packetstormsecurity.org]
and my personal fave
New order [neworder.box.sk]
hth

satanclaus




msg:914811
 3:59 pm on Aug 20, 2001 (gmt 0)

[securityfocus.com...]

also a good starting point

satanclaus




msg:914812
 3:59 pm on Aug 20, 2001 (gmt 0)

[securityfocus.com...]

also a good starting point

Bolotomus




msg:914813
 7:49 pm on Aug 20, 2001 (gmt 0)

Be particularly careful with Redhat. Most of the well known Linux-exploits revolve around Redhat and it's sloppy use of defaults.

skirril




msg:914814
 2:09 pm on Aug 23, 2001 (gmt 0)

I know its not an online resource, but it helped me a lot.
Its a book published by O'Reilly, called "practical unix security". In short, it shows the following:

- securing a system is a process, not a product
- the more secure a system is, the less usable it will become
- it will enlighten you on some weaknesses, and things not to do. Some countermeasures are easy to implement, others nigh-impossible.

- a good approach is to go through the list of services you are running, and cut them down to the strict minimum. Most Linux distros fail on this. The first things I cut out were telnet access (and all rsh, rexec, etc -replaced by ssh,scp..) and anonymous ftp.

If you really want a secure (relatively secure) system look at OpenBSD, but that's not linux.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved