Welcome to WebmasterWorld Guest from 54.161.161.92

Forum Moderators: bakedjake

Message Too Old, No Replies

Linux security

Looking for the best source for linux security concerns

     

mghaught

1:40 am on Aug 2, 2001 (gmt 0)

Inactive Member
Account Expired

 
 


As a new linux admin, with no *nix admin experience, I'm looking for a good source for linux security. I've done a redhat 7 install and am now running apache, mysql, and jakarta tomcat.

I've also seen my access logs and watched various hacker attacks on my box. Luckily, they've all failed but I have no confidence to expect a default install will hold off all attacks. At this point I would like to get more familiar with linux security and know if there's anything I should automatically do after a basic redhat7 install?

Thx!

2:28 am on Aug 2, 2001 (gmt 0)

Senior Member

WebmasterWorld Senior Member littleman is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:June 17, 2000
posts:2924
votes: 0


I'm just a novice too, but [linuxsecurity.com...] seemed to have a lot of good information. It is a little commercial, but the resources section has links to a lot of good documentation.
5:29 am on Aug 2, 2001 (gmt 0)

Full Member

10+ Year Member

joined:June 14, 2000
posts:247
votes: 0


These will get you started too...
Armoring Linux [enteract.com]
satan security tool [fish.com]
packetstorm [packetstormsecurity.org]
and my personal fave
New order [neworder.box.sk]
hth
3:59 pm on Aug 20, 2001 (gmt 0)

Preferred Member

joined:Apr 13, 2001
posts:372
votes: 0


[securityfocus.com...]

also a good starting point

3:59 pm on Aug 20, 2001 (gmt 0)

Preferred Member

joined:Apr 13, 2001
posts:372
votes: 0


[securityfocus.com...]

also a good starting point

7:49 pm on Aug 20, 2001 (gmt 0)

New User

5+ Year Member

joined:May 14, 2007
posts:13
votes: 0


Be particularly careful with Redhat. Most of the well known Linux-exploits revolve around Redhat and it's sloppy use of defaults.
2:09 pm on Aug 23, 2001 (gmt 0)

Junior Member

10+ Year Member

joined:Dec 19, 2000
posts:193
votes: 0


I know its not an online resource, but it helped me a lot.
Its a book published by O'Reilly, called "practical unix security". In short, it shows the following:

- securing a system is a process, not a product
- the more secure a system is, the less usable it will become
- it will enlighten you on some weaknesses, and things not to do. Some countermeasures are easy to implement, others nigh-impossible.

- a good approach is to go through the list of services you are running, and cut them down to the strict minimum. Most Linux distros fail on this. The first things I cut out were telnet access (and all rsh, rexec, etc -replaced by ssh,scp..) and anonymous ftp.

If you really want a secure (relatively secure) system look at OpenBSD, but that's not linux.

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members