NetworkClue.com
NetworkClue Home PageHome Contact UsContact ConsultingConsult
Bulletin Board
Internet Services covers Secrets to hosting websites, Hosting your own web server, and using DNS Servers.Operating Systems leads you through the decision of Linux vs. Windows, ideal installations and setups to create an efficient and redundant environment for your business, and great features to make management easier.Routing & Firewalls contains articles that will allow you to take control of your router. Learn how to protect your company with access lists and advanced firewall techniques.Hardware answers the common questions about Switches vs. Hubs, recommends SysAdmin Tools, and recommendations for adequate power protection.Utilities will cover fighting spam, using Anti-Virus programs effectively and the must haves for every administrator's software toolbox.

Linux
-RedHat Package Manger
-Linux Security
-Run Levels
-Linux Commands
Windows
Bulletin Board

Securing Your Linux Installation

By Joshua Erdman
Digital Foundation, inc.

I by no means claim that I am a Linux Security Expert, but I have picked up a trick or two that really help to secure a Linux box without having to go through a ridiculous amount of confusion and frustration.

The first step is to check out what packages and services you have installed. There are a few that you definitely should install to protect your system. These are and SSH Daemon (this is like secure telnet) and IPTables (a firewall).

The next thing to check are all the packages you should not install/start:

  1. TFTP - Trivial FTP (FTP without the need of a password)
  2. Telnet - In Case if you didn't know, telnet is all clear text.  Use SSH isntead
  3. Any services that you do not need. If your server is not hosting a website be sure that apache is not running.

      4. SSH

      Open your SSH Daemon config file:
        /etc/ssh/sshd_config
      and search for PermitRootLogin. Uncomment this line and change the value to 'no'. By it's name you can guess what this does. Now for root access the user must first log in with a regular user account and then use the command:

      su --login root

      This requires 2 levels of authentication.

      IPTables

      There is so much on IPTables it should be its own article. For now use the policy that everything is forbidden by default and then you only allow the access you need. Another really good idea is using gShield. It is a program that has all kinds of security settings and you do not have to be a network pro to get a decent firewall set up.

      Article last reviewed: 09/27/2006


      del.icio.us

      Created by: Digital Foundation, inc.

      Copyright © 2002-2005 Digital Foundation, inc.   www.networkclue.com

      All content of the NetworkClue website is copyrighted. Articles, notes, outlines, and all other materials may not be stored on the Internet or sold or placed by themselves or with other material in any electronic or printed format in whole or part. However materials may be referenced by links to the site.

 

Related Articles:
Linux Install
Windows vs. Linux