jazzman on 3 Feb 2005 20:52:10 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[PLUG] Basic Post-Install Config?


This is probably a common question but always a relevant one.

Is there any "definitive" set of steps one should ALWAYS follow to tighten 
up security on a linux box after a fresh install?

Now obviously that's going to depend on what you want to do with the box, 
etc, so I'll give a little background.

A friend of mine is running a machine (as am I, actually) that is a linux 
box that will host mail(smtp and imap), web, and ssh servers. Mysql will 
also be running for the CMS we use, that really only needs to be 
accessible from behind the firewall/router. Our comm lines (his is cable, 
mine is dsl) go right from the modem to a hardware router/firewall which 
then NATs our servers out to the world with a few ports forwarded (80, 25, 
22, and the imap port... 143 i think?). All other ports are dropped at the 
router.

So what is the best set of steps to tighten up a box? I've done a lot of 
searching online for the best methods and it seems no two people agree, 
which just causes a lot of confusion, so I'm hoping to at least stimulate 
a discussion of what are the absolutely agreed up "you should always do 
these" steps and maybe even a bunch of "not everyone does this, but I do" 
steps.

Thanks in advance
Marc

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug