StupidScript - 7:39 pm on Mar 15, 2007 (gmt 0)
I'd add installing the Bastille-Linux [bastille-linux.sourceforge.net] server hardening system to that list. chkrootkit is great for detecting break-in attempts and to perform forensics on a successful attack, as are logwatch [logwatch.org], mod_security and the Sentry Tools [sourceforge.net] suite of programs (PortSentry, HostSentry, LogCheck).
For DoS/DDoS protection, I'd recommend using mod_evasive [zdziarski.com] by Jonathan Zdziarski.
Lastly, make sure that the SELinux [nsa.gov] features of your server have been initialized and are available for you to use (it's part of the Linux kernel since v.2.6). Modern Linux distributions (i.e. Fedora Core 4+) include that version of the kernel or better.
A Linux server is just another server until it is made as secure as possible. Of course, it starts out a little more secure than other types of servers, but it needs more protection than it comes with, usually.
[edited by: encyclo at 1:26 pm (utc) on Dec. 13, 2009]
Excellent post, TJ!
[edit reason] updated link [/edit]