As a new Linux admin, with no *nix admin experience, I'm looking for a good source for Linux security. I've done a Red Hat 7 install and am now running Apache, MySQL, and Jakarta Tomcat.
I've also seen my access logs and watched various hacker attacks on my box. Luckily, they've all failed, but I have no confidence to expect a default install will hold off all attacks. At this point I would like to get more familiar with Linux security and know if there's anything I should automatically do after a basic Red Hat 7 install?
I know it's not an online resource, but it helped me a lot. It's a book published by O'Reilly, called "Practical Unix Security". In short, it shows the following:
- securing a system is a process, not a product
- the more secure a system is, the less usable it will become
- it will enlighten you on some weaknesses, and things not to do. Some countermeasures are easy to implement, others nigh-impossible.
- a good approach is to go through the list of services you are running, and cut them down to the strict minimum. Most Linux distros fail on this. The first things I cut out were telnet access (and all rsh, rexec, etc., replaced by ssh, scp...) and anonymous ftp.
If you really want a secure (relatively secure) system, look at OpenBSD, but that's not Linux.
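
The advice above to go through the running services and cut them to the minimum can be checked mechanically. The following is an added example, not part of the original thread: a shell function that lists the xinetd services still enabled and marks the cleartext ones the answer removed (telnet, rsh, rexec, ftp). It assumes one service file per entry under /etc/xinetd.d; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread: report which xinetd services are enabled.
# Assumption: services are defined in files under /etc/xinetd.d.

# Service names as xinetd knows them (shell/login/exec are rsh/rlogin/rexec).
LEGACY="telnet shell login exec ftp"

audit_xinetd() {
    dir=${1:-/etc/xinetd.d}
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        awk -v legacy="$LEGACY" '
            BEGIN { n = split(legacy, a, " "); for (i = 1; i <= n; i++) bad[a[i]] = 1 }
            /^[ \t]*#/ { next }                      # skip comment lines
            { gsub(/=/, " = ") }                     # tolerate "disable=yes"
            $1 == "service" { name = $2; off = 0; next }
            $1 == "disable" { off = (tolower($3) == "yes"); next }
            $1 == "}" && name != "" {
                # a service block with no "disable" line counts as enabled
                if (!off) print name, (name in bad ? "LEGACY" : "review")
                name = ""
            }
        ' "$f"
    done
}

# Constructed sample files so the audit can be tried offline.
make_sample() {
    mkdir -p "$1"
    printf 'service telnet\n{\n\tdisable = no\n\tserver = /usr/sbin/in.telnetd\n}\n' > "$1/telnet"
    printf 'service shell\n{\n\tserver = /usr/sbin/in.rshd\n}\n' > "$1/rsh"
    printf 'service exec\n{\n\tdisable = yes\n\tserver = /usr/sbin/in.rexecd\n}\n' > "$1/rexec"
    printf 'service time\n{\n\ttype = INTERNAL\n\tdisable=no\n}\n' > "$1/time"
}

# "--demo" runs the audit against the constructed samples.
if [ "${1:-}" = "--demo" ]; then
    tmp=$(mktemp -d) && make_sample "$tmp" && audit_xinetd "$tmp"; rm -rf "$tmp"
fi
```

Called with no argument, `audit_xinetd` reads /etc/xinetd.d. Standalone daemons such as Apache, MySQL and Tomcat are not started by xinetd and do not appear in its output.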