[Fedora] Seeing input on Securing the Linux system from intrusions and attacks.

John Summerfield debian at herakles.homelinux.org
Thu Dec 27 20:42:27 UTC 2007


Daniel B. Thurman wrote:
> I have finally got my F8 setup and running so now I am reviewing the
> security issues that need to be taken into account.
> 
> I have looked into trying many things to protect and harden my systems,
> but I thought I'd ask members what they are doing/using to defend their
> systems against attacks and unwanted intrusions?  Would it be neat
> if there was an automatic non-human defender to do it for you while you
> sleep?  Dream on.
> 
> I would like to focus on securing Fedora. I have tried snort w/Base etc.,
> Tripwire, Fam, nmap, Iptable techniques, and so on.
> 
> Does anyone have any advice, links to great sites focused on security
> and how to secure your linux box against intrusions and attacks?


What you need to do depends on what you're trying to protect. If you're 
not running any servers, then things are pretty cheesy - you only need 
to worry about invited data (websites you visit, email you receive and 
such)....

I don't run Fedora for anything important. I don't know how serious the 
Fedora project is about security, but I see the need to keep 
upgrading to be a security hazard in itself. Where I want updates for 
an extended period, I prefer a RHEL clone or Debian.

I content myself with a vpn (openvpn) to secure remote access, shorewall 
for my firewall. I don't use hosts.{allow,deny} - I don't see that they 
offer anything much that iptables can't do.

Typically my firewalls allow ssh from those IP addresses I might use 
(only Australian, not all), and rate-limited from others (in case I got 
it wrong).

I also limit access to remote sites; my systems cannot be used to 
port-scan others.

I also keep an eye on my logs; I've spotted some virus-infected Windows 
laptops over time.

Finally (I think) I use the firewall to help control spam; if spam gets 
through my other countermeasures, I often block entire /24 (and larger, 
up to /11 in one case) networks from which I receive spam.


> 
> Thanks!
> 
> 


-- 

Cheers
John

-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375

You cannot reply off-list:-)
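
Added example, not part of John's message: the SSH policy he describes (accept from known networks, rate-limit everyone else) written as a shell function that emits an iptables-restore fragment. The chain name SSH_IN, the networks (documentation ranges) and the 3-per-minute rate are assumptions; the post uses shorewall and gives no figures.

```shell
#!/bin/sh
# Constructed sample networks (RFC 5737 documentation ranges), standing in
# for "those IP addresses I might use".
TRUSTED_NETS="203.0.113.0/24 198.51.100.0/24"

# Syntactic check only (dotted quad plus /0-32), so a typo fails here
# instead of producing a half-written ruleset.
is_cidr() {
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

# gen_ssh_rules "<cidr> <cidr> ..." [new-connections-per-minute]
# Prints a *filter fragment for iptables-restore. Assumes the existing
# ruleset already accepts ESTABLISHED,RELATED traffic.
gen_ssh_rules() {
    nets=$1
    rate=${2:-3}
    # Validate everything before printing anything.
    for net in $nets; do
        is_cidr "$net" || { echo "bad CIDR: $net" >&2; return 1; }
    done
    echo '*filter'
    echo ':SSH_IN - [0:0]'
    # Only new connections to port 22 are judged by the SSH chain.
    echo '-A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j SSH_IN'
    # Known networks: accepted without any limit.
    for net in $nets; do
        echo "-A SSH_IN -s $net -j ACCEPT"
    done
    # Everyone else: a per-source-address budget, so a mistake in the
    # trusted list slows the admin down but does not lock them out.
    echo "-A SSH_IN -m hashlimit --hashlimit-name ssh --hashlimit-mode srcip --hashlimit-upto ${rate}/minute --hashlimit-burst ${rate} -j ACCEPT"
    # Over budget: dropped.
    echo '-A SSH_IN -j DROP'
    echo 'COMMIT'
}

# Dry-run against the live ruleset before loading it:
#   gen_ssh_rules "$TRUSTED_NETS" | iptables-restore --noflush --test
```
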



