Chad Waters on 3 Feb 2005 21:28:53 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Basic Post-Install Config?


On Thu, 3 Feb 2005 15:57:26 -0500, ChrisB. <chris@chrisbovasso.com> wrote:
> I know I always disable SSH login for root. Only allow a 'su' to it. I
> always password protect MySQL and make it only accessible from localhost.
> 
> I like to run a network scanner at the new machine to see what, if anything,
> I missed after the install.
> 
> I am sure there are more then a few other things most people do but those
> two are ones I can think of right off the top of my head.

Be minimalist particularly when it comes to servers. I build from the
ground up, instead of just disabling bloated default installs.

Put it on a DMZ if possible.

If you know you're only going to use ssh and imap from certain hosts
(ie work), restrict access  to those hosts instead of leaving them
wide open.

Be fully aware of the security concerns regarding the web server and
CMS. That will probably be your most vulnerable service.

-- 
-Chad C Waters
http://chadcwaters.com
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug