[Fedora] Seeing input on Securing the Linux system from intrusions and attacks.
Ed.Greshko at greshko.com
Sat Dec 29 14:35:07 UTC 2007
Tod Merley wrote:
> On Dec 27, 2007 11:10 AM, Daniel B. Thurman <dant at cdkkt.com> wrote:
>> I have finally got my F8 setup and running so now I am reviewing the
>> security issues that needs to be taken into account.
>> I have looked into trying many things to protect and harden my systems,
>> but I thought I'd ask members what they are doing/using to defend their
>> systems against attacks and unwanted intrusions? Would it be neat
>> if there was an automatic non-human defender to do it for you while you
>> sleep? Dream on.
>> I would like to focus on securing Fedora. I have tried snort w/Base etc.,
>> Tripwire, Fam, nmap, Iptable techniques, and so on.
>> Does anyone have any advice, links to great sites focused on security
>> and how to secure your linux box against intrusions and attacks?
>> No virus found in this outgoing message.
>> Checked by AVG Free Edition.
>> Version: 7.5.516 / Virus Database: 269.17.9/1198 - Release Date: 12/26/2007 5:26 PM
>> fedora-list mailing list
>> fedora-list at redhat.com
>> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
> Hi Daniel B. Thurman!
> It is late so topics only for tonight:
> 1. Turn off services you do not use.
> 2. Make your computer "silent" to all but those who use it - e.g. turn
> off ping - e.g. use a door knock protocol on a non-standard port for
> ssh to access ssh (give no reply to those who knock on the normal port
> and respond to only your special "knock" on your non-standard port),
> 3. Have a constant background scan done for virus, root kit, e-mail,
> changes in critical files, port scan, log files (logwatch), and
> audits for suspicious activity. This can and should be "niced" to not
> interfere with normal operations.
> 4. Google "pen testing". C/o osstmm.
> 5. Honeypots!
> 6. Backup your "used" areas often and in a number of different ways.
> I use flash drives, CDs, and other portions of the local or remote
> hard drives. I also tend to put an occasional file in an obscure
> e-mail account. Be ready to "wipe and re-load" efficiently. I have
> played with the idea of using "ghosted" "snapshots" for this purpose
> but have only taken that to the idea level. Tar is becoming a friend.
> 7. Do planned "wipe and re-loads" several times a year. For that
> matter, if you simply save your used areas and then wipe and load the
> new version of your distro when it comes out that is probably enough.
> Be ready to restore to where you were if you need to.
> Ok, I lied - the one link I will give you has some very good ones at
> the end. Note the crazy quotes and the interesting message box near
> the end:
You forgot one very important item.
Whatever you do, don't be paranoid...unless someone is really out to get you.
More information about the users