-
May 30th, 2003, 04:14 AM
#1
Fresh linux install security
Asside from the SUID and GUID files, is there anything else that I should modify on a linux server that will be exposed to the public? I will be running telnet, ftp and apache on SuSE 8.1. Thanks a lot.
-
May 30th, 2003, 05:27 AM
#2
Member
i'll say that you should disable all the services that you ain't gonna use in your box
-
May 30th, 2003, 05:56 AM
#3
Erm, I'd really advise against running telnet at all, because it sends everything unencrypted over the internet, meaning its very vulnerable to someone sniffing the traffic. If you want to allow access for users simliar to telnet, try SSH, but make sure you have a current version of the server, as some of the older ones have vulnerabilites. You might also want to chroot your ftp users to a certain directory to keep them from exploring other parts of your server. It might also be a good idea to look into an IDS like Snort or something along the lines of Bastille to help secure the box.
You're not your post count, You're not your avatar or sig, You're not how fast your internet connection is, You are not your processor, hard drive, or graphics card. You're the all-singing, all-dancing crap of AO
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
-
May 30th, 2003, 06:04 AM
#4
SuSe Linux has Kssh and so on. Im With Syini on this one, use that instead of telnet, and make sure no one can remote log in as root also. also, make sure you have the SuSe firewall2 running
SuSe is a beautiful distro. Im glad you chose it. Also, SuSe has a "harden SuSe" file log in as root and run that, if for some reason you dont liek it theres a go back script that will undo what you did with it.
-
May 30th, 2003, 03:17 PM
#5
You guys are probably right about using ssh instead. I just liked the idea of telnet because anyone can log in from any OS without a 3rd party utility. I'll probably just use ssh though.
-
May 30th, 2003, 03:33 PM
#6
Member
Accesability is an inportant face of the tecnology but a risky one too... so you have to be shure
about who is gona access to youre server because i don't think is good idea to let anyone to access it. So if the number of members is rasonable, you could spread any free ssh client so you can give accesability and security to both you and youre costumers.
xDrack.
-
May 30th, 2003, 03:59 PM
#7
If you have windows users, just get the PuTTY client for Windows. It works very well for SSH sessions. Also, if you use Bastille to lockdown your box, be SURE that you have a regular user account setup on the box so that you don't lock yourself out by accident. Many first time users of Bastille find themselves outta luck when they overlock the box.
A quick and dirty way to shut down services on RH is to type 'setup' at the command line and then go into SYSTEM SERVICES and then turn off anything that you dont need. This takes seconds and of you hit F1, you get a detailed description of the services on the list so as not to disable something you may need.
-TH13
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
May 30th, 2003, 05:10 PM
#8
If you want to access a SSH server w/o third party software, check out AppGate Mind Term which will run on any java enabled machine. I've found it quite useful for when I'm at college and cant get access to any kind of SSH clients ( and the school definately wont let me install any ) and i need to check my server or do some remote work.
You're not your post count, You're not your avatar or sig, You're not how fast your internet connection is, You are not your processor, hard drive, or graphics card. You're the all-singing, all-dancing crap of AO
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
-
May 30th, 2003, 09:57 PM
#9
Member
Telnet is evil like without SSH or something secure like if you enter a password to server an attacker can capture your seq and ack number reset your connection using arp poisoning and enter his/her evil commands as you BTW please if you use SSH make darn sure it's configured properly disable remote root login etc make sure it's the latest version with security fixes if SSH is not configured properly your opening a door and trouble
Doc
-
June 1st, 2003, 02:06 AM
#10
Senior Member
go check out cisecurity.org or nsa they have a template to shutdown and harden your system.
w0rm3y
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|