[TriLUG] Advice on securing a Linux Server
Ron Joffe
rjoffe at yahoo.com
Sat Sep 29 20:14:34 EDT 2007
On Saturday 29 September 2007 13:07, Jeff Ellis wrote:
> Anything else I should do to help secure it?
- Only allow specific users to login via ssh - AllowUsers
- Add something like DenyHosts to minimize ssh attacks
- Place a transparent firewall between net and your box, and monitor all
tcp/udp traffic.
- Copy all logs to a secondary server, and monitor externally. If someone
hacks the net server, they might not be able to get to the logging server
before you notice the intrusion.
- Keep all packages of tomcat and ssh,etc up to date.
- Look at AppArmor
I believe that hardening a box is as much about what you initially do for the
server as what you do to monitor that server in the long run.
Ron
More information about the TriLUG
mailing list