10 Basic Linux Security Tips to Implement
Results 1 to 4 of 4

Thread: 10 Basic Linux Security Tips to Implement

Hybrid View

  1. #1
    Junior Member
    Join Date
    Mar 2002
    Posts
    23

    10 Basic Linux Security Tips to Implement

    The following is a list of rules and tips you might find useful in dealing with basic security concerns:

    1) Avoid doing your regular jobs when you are logged in as root. This reduces the risk of getting a cuckoo egg or a virus and protects you from your own mistakes.

    2) If possible, always try to use encrypted connections to work on a remote machine. Using SSH (secure shell) to replace telnet, ftp, rsh, and rlogin should be standard practice.

    3) Avoid using authentic method based on ip address alone.

    4) Try to keep the most important network-related packages up-to-date and subscribe to the corresponding mailing lists to recieve announcements on new versions of programs such as bind, postfix, and ssh. The same should apply to software relevant to local security.

    5) Disable any network services you do not absolutely require for your server to wok properly. This will make your system safer. Open ports, with the socket state LISTEN, can be found using the netstat program.

    6) RPM packages from SUSE are digitally signed. You can verify the integrity of any SUSE RPM package by entering this on concole: rpm — chechsig package.rpm . The needed public gpg-key is copied to the home directory of root upon installation.

    7) Check your backups of user and system files regularly. Remember that if you do not test whether the backup will work, its as good as useless.

    8) Check your log files. Whenever possible, write a small script to search for suspicious entries.

    9) Use firewall to enhance the security provided by tcpd (tcp wrapper)

    10) Design your security measure to be redundant. A message seen twice is better than no message at all.

    Originally from : http://www.linuxhaxor.net/2007/11/21...-to-implement/

  2. #2
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    1) Avoid doing your regular jobs when you are logged in as root. This reduces the risk of getting a cuckoo egg or a virus and protects you from your own mistakes.

    --> I don't see a reason to log in as root. Log in as a normal user and then use su or better yet... sudo to perform root functions. If there are programs that you run on a regular basis that needs root, then add the appropriate users to the sudoers file and assign only the necessary root commands. This is good for things like nmap. It also reduces the need for many people to know the root password.

    2) If possible, always try to use encrypted connections to work on a remote machine. Using SSH (secure shell) to replace telnet, ftp, rsh, and rlogin should be standard practice.

    --> Allow only the SSH2 protocol. It is good practice to deny root the ability to login via ssh. Allow access to ssh on a user or group basis.

    5) Disable any network services you do not absolutely require for your server to wok properly. This will make your system safer. Open ports, with the socket state LISTEN, can be found using the netstat program.

    --> Sometimes it can be helpful to bind services to localhost only. I've found scenarios where I need mysql and apache installed but don't need remote access to either of them. (Such as a snort/mysql/base solution which will only be accessed via the console.) They only need to listen on the loopback interface. Use tcp wrappers as well as firewall rules to restrict access to network services.

    8) Check your log files. Whenever possible, write a small script to search for suspicious entries.

    --> If possible, send your log files over an encrypted connection to a hardened syslog server and archive your files on a regular basis. If you have the ability to aggregate and correlate your logs, even better.
    Last edited by phishphreek; November 23rd, 2007 at 05:03 AM.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  3. #3
    Junior Member
    Join Date
    Nov 2007
    Location
    Seattle, WA
    Posts
    13
    11) Avoid relying on 'third party' software (more like non-canon tools) whenever possible. Many will remember the issues involving Snort in years past.

    12) Remember that you have two sides to every system: internal and external. Don't run the internals poorly (user permissions, file permissions, logging, etc.) and hope that you're protected by the external.

    13) More security tools (including firewalls) generally also means more potential for failure or vulnerability. By stringing together more and more networking defenses, you're just giving yourself a bigger target. Use what is necessary. Don't assume because the product is good that it will be flawless.

    14) Read release documentation and keep up to date on releases and vulnerabilities.

    15) Newer doesn't always mean better. By watching documentation and releases, you can use slightly older versions for security at the cost of slightly newer functionality.

    16) The greater your confidence in your system, the greater your weakness. Question your own methods. Always seek to better your setup (within reason.)

  4. #4
    Junior Member
    Join Date
    Mar 2002
    Posts
    23
    Thanks guys for the foollowups

Similar Threads

  1. Which version of Linux to use
    By gore in forum Operating Systems
    Replies: 81
    Last Post: December 9th, 2011, 09:25 PM
  2. Any requests?
    By gore in forum Operating Systems
    Replies: 11
    Last Post: August 8th, 2004, 06:21 AM
  3. The history of the Mac line of Operating systems
    By gore in forum Operating Systems
    Replies: 3
    Last Post: March 7th, 2004, 08:02 AM
  4. Basic Security Testing Information.
    By instronics in forum The Security Tutorials Forum
    Replies: 2
    Last Post: February 21st, 2003, 05:33 PM
  5. NEWS: This Week in Security
    By xmaddness in forum Miscellaneous Security Discussions
    Replies: 1
    Last Post: July 18th, 2002, 05:36 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •