*nix security auditing

Thread: *nix security auditing

  1. #1
    phishphreek (AO übergeek, joined Jan 2002, 4,325 posts)

    *nix security auditing

    Ok, school is out and I had to make some projects for myself.

    I decided to upgrade my home server (both hardware and software) and start from scratch.

    Well, I got all my hardware installed and everything is working great.

    I'm not all that great at securing a *nix system, simply because I've had little experience doing it. In my quest to learn new ways to secure a *nix system I came across a pretty cool tool that I've never read about.

    It is called "Tiger" by http://savannah.nongnu.org/projects/tiger

    I've tried to secure this box by doing all of the obvious things... killing services, killing user accounts that aren't needed, restricting host access via hosts.allow hosts.deny, setting up iptables, checking all my ports using nmap, running nessus against it in full using all available attack methods and seeing to its recommendations, setting up tripwire, using strong passwords, restricting root login access to console only, etc.

    Even though I've done all that... after I used this Tiger tool... it came up with a bunch more stuff I should do. Changing ownership and permissions on folders, recommended settings for certain services, and a lot more.

    I would recommend you check it out. It's pretty cool to see more stuff come up in this tool that didn't show up in others. I love finding new toys...
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you've saved, how much you haven't smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
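
Added example, not part of the original post and not Tiger's own code: a minimal POSIX shell check for the kind of ownership and permission findings the first post says Tiger reported beyond the other tools. The function name `audit_perms` and the output tags are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not Tiger's code): report risky permissions and ownership
# under a directory tree. Function name and output tags are hypothetical.

audit_perms() {
    dir=$1
    findings=$(
        # -xdev stays on one filesystem, so /proc or network mounts are skipped.
        # World-writable regular files: any local account can alter them.
        find "$dir" -xdev -type f -perm -0002 | sed 's/^/WW_FILE /'
        # World-writable directories without the sticky bit: any account can
        # delete or replace other users' files there (contrast /tmp, mode 1777).
        find "$dir" -xdev -type d -perm -0002 ! -perm -1000 |
            sed 's/^/WW_DIR_NOSTICKY /'
        # setuid/setgid files run with the owner's or group's privileges;
        # each one should be expected and accounted for.
        find "$dir" -xdev -type f \( -perm -4000 -o -perm -2000 \) |
            sed 's/^/SUID_SGID /'
        # Files whose uid/gid maps to no account, e.g. left by a deleted user.
        find "$dir" -xdev \( -nouser -o -nogroup \) | sed 's/^/UNOWNED /'
    )
    # Exit status 0 means no findings; 1 means findings were printed.
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Stand-alone use: sh audit_perms.sh /etc
if [ "$#" -gt 0 ]; then
    audit_perms "$1"
fi
```

The non-zero exit status on findings lets the check run from cron and only raise mail when something changes.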

  2. #2
    Hey Phishphreek, great find. Did you use "Armoring Linux" as a guide to securing your box? I used it before and it was very informative.

  3. #3
    phishphreek
    ALBN: Nah, but I will check it out.

    I used the AO tutorials, RH8 Bible, misc web docs that I've found, Maximum Linux Security book, Using Linux, Samba Unleashed, Hacking Exposed, and several other books.

    There is a lot to read and to take into consideration.

    m$ is like my backhand... as where linux is just something I'm using at home and learning at home. So... I'm still a newB when it comes to securing it. I've learned a lot about it though.. that's for sure. I'm a lot more comfortable on it and not scared to mess around a bit.... after I try it on my test box..

    Thanks for the tip though, I'll check it out.

  4. #4
    I think the books you read are WAY more comprehensive than the Armoring Linux which is a basic outline for RH boxes...

  5. #5
    phishphreek
    ALBN: that "Armoring Linux" guide was pretty good.
    Most of its recommendations I had already configured.

    I'm only using this server for file (using samba) on my local lan, ssh (which only 1 user can login), httpd (which I've limited to only two subnets... work and school) and vnc (which I'm tunneling through ssh and only allowing through the two subnets mentioned above besides my LAN). I also put this server on a completely different subnet than the rest of my LAN. I used a cisco router and created ACLs. So... everything that comes in will be forwarded to my second subnet and filtered there.

    Now what I'm doing is trying to break into it. So far I haven't been successful.. which is good.
    Everything else is blocked at the router(s) on each subnet.

    It was a little easier than I thought it was going to be.

    Now... I'm going to get a couple of people to try to break into it. Not a wargame... but just to test the security.

    I love this stuff. But... I'm a geek...

    Anyone have any other suggestions on what to setup that I haven't already done?

    Thanks in advance.

  6. #6
    Yeah, that was the first guide I read on securing a Linux box albeit I knew squat about it at the time. I am going to look into the resource you gave. Looks really interesting. Thanks phishphreek.
