Re: Linux Hardening

From: Ronan Merrick <merrickronan1_at_gmail.com>
Date: Tue, 24 Mar 2015 15:32:54 +0000
Message-ID: <CAO=9XLwqXEWZjHpWAiDmkfDdY8STs=5wfRmkxEA1Z5sU=mvgJg_at_mail.gmail.com>

Hi George,

Not a white paper but a couple of things I would normally do on servers I'm responsible for would be:

Configure ssh access by IP
Disable root access over ssh
Specify accounts and IPs for AllowUsers in sshd_config Change the default ssh port
Set up iptables rules restricting access by port and machine/subnet Set up tcp wrappers
Set up logwatch
Set up an IDS like Tripwire

Ronan
On 24 Mar 2015 14:57, "George" <georgelza_at_gmail.com> wrote:

> Hi guys
>
> Does anyone have a good white paper that covers how/what to change to
> harder a Linux OS.
>
> G
>
> --
> You have the obligation to inform one honestly of the risk, and as a person
> you are committed to educate yourself to the total risk in any activity!
>
> Once informed & totally aware of the risk,
> every fool has the right to kill or injure themselves as they see fit!
>

--
http://www.freelists.org/webpage/oracle-l

Received on Tue Mar 24 2015 - 16:32:54 CET

This message: [ Message body ]
Next message: Stefan Knecht: "Re: recompile causes an ORA-21700: object does not exist or is marked for delete"
Previous message: Stefan Knecht: "Re: Linux Hardening"
In reply to: George: "Linux Hardening"
Next in thread: Hans Forbrich: "Re: Linux Hardening"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message