I have been given the task of putting together some standard security best practices for our Unix servers. We use RedHat on our machines. Would anyone care to share some of the security steps that you would recommend when setting up a Unix server? Obviously, unplugging it is the best security feature; however, that is not going to deliver the email or web pages.

We have done things such as disabling telnet and using ssh instead. We dropped the wuftpd package and replaced it with proftpd; however, I am still not convinced that is a big plus.

We installed tripwire and that seems to be informative; however, it stands to reason that once you see the tripwire report that tells you that files were changed, it is too late.

I look forward to hearing your responses.

Dave