[TriLUG] Advice on securing a Linux Server

Ron Joffe rjoffe at yahoo.com
Sat Sep 29 20:14:34 EDT 2007


On Saturday 29 September 2007 13:07, Jeff Ellis wrote:
> Anything else I should do to help secure it?

- Only allow specific users to login via ssh - AllowUsers
- Add something like DenyHosts to minimize ssh attacks
- Place a transparent firewall between net and your box, and monitor all 
tcp/udp traffic.
- Copy all logs to a secondary server, and monitor externally. If someone 
hacks the net server, they might not be able to get to the logging server 
before you notice the intrusion.
- Keep all packages of tomcat and ssh,etc up to date.
- Look at AppArmor

I believe that hardening a box is as much about what you initially do for the 
server as what you do to monitor that server in the long run. 

Ron



More information about the TriLUG mailing list