-
May 21st, 2004, 04:52 AM
#1
Securing Linux/Unix Systems
Greets AOers. I was searching Google for some research into Advanced Security of Linux/Unix systems as I wanna help to secure my OpenBSD system. As I was searching, I came across this interesting e-book so to speak (it's kinda in notecard form too, oddly enough) that goes deeply into many topics involving *nix security. I think it's a must read for the *nix Admin/User and it covers topics ranging from HoneyPots, Network Designs, Installation Security, Defense-In-Depth, Workstations and Servers, and it even goes into some tools used for security of *nix systems. Enjoy!
P.S: It is a bit outdated, but still has plenty of information that is useful.
-
May 21st, 2004, 05:34 AM
#2
Thanks Spyder 
Also check out CERT's UNIX Security Checklist:
http://www.cert.org/tech_tips/usc20_full.html
Though I don't even have a *nix box, I still read this from time to time just to learn something new.
Later
mjk
-
May 21st, 2004, 05:39 AM
#3
Hrmm, you should definitely set up a *nix box sometime and explore it. It's a lotta fun when you learn the commands and work your way around it and whatnot. CERT's checklist has helped me through some tough times (and has served its purpose rightfully!). You should use what you know about *nix security and set up a *nix system. Trust me, it's a lot better than Windows.
-
May 21st, 2004, 05:52 AM
#4
If you're serious about UNIX security, get a hold of the bibles of the industry.
Like Practical UNIX & Internet Security www.oreilly.com
Chapter 2: Policies & Guidelines
Chapter 3: Users and Passwords
Chapter 4: Users, Groups, and the Superuser
Chapter 5: The UNIX Filesystem
Chapter 6: Cryptography
Chapter 7: Backups
Chapter 8: Defending Your Accounts
Chapter 9: Integrity Management
Chapter 10: Auditing and Logging
Chapter 11: Protecting Against Programmed Threats
Chapter 12: Physical Security
Chapter 15: UUCP
Chapter 16: TCP/IP Networks
Chapter 17: UNIX TCP/IP Services
Chapter 18: WWW Security
Chapter 19: RPC and Configuration Management
Chapter 20: NFS
Chapter 21: Firewalls
Chapter 22: Wrappers & Proxies
Chapter 23: Writing Secure SUID and Network Programs
etc....
-
May 21st, 2004, 01:58 PM
#5
I couldn't agree more with the person above.
Practical UNIX & Internet Security from O'Reilly is your first choice if you want to get a sound knowledge of *nix security. As you can see from the table of contents, it covers all the major factors for securing your *nix system and sheds light on the tools of the trade.
Also, The Linux Documentation Project has some thorough guides on removing unnecessary services and locking down your system.
http://tldp.org/
-
May 21st, 2004, 11:06 PM
#6
Originally posted here by Spyder32
Hrmm, you should definitely set up a *nix box sometime and explore it. It's a lotta fun when you learn the commands and work your way around it and whatnot. CERT's checklist has helped me through some tough times (and has served its purpose rightfully!). You should use what you know about *nix security and set up a *nix system. Trust me, it's a lot better than Windows.
Yeah I've been sitting on my ass for quite a while... Maybe this weekend I'll see what I can do. I already know a bit from toying around with Knoppix-STD and PHLAK. I actually have Red Hat installation CDs...
Somewhere...
Hopefully I'll find them 
mjk
-
May 22nd, 2004, 08:26 PM
#7
Hey Hey,
^5 on the O'Reilly and other books. When I began with *nixes, securing the box the best I could and using good common sense was an obvious concern. The common sense may waver now and then; however, after you harden your *nix, it may well cover you pretty good when the common sense fails.
In addition to the O'Reilly's, early on I grabbed a copy of "Maximum Linux Security" by Anonymous and when I learnt how to download with Linux, "Bastille" was quickly employed. The program walks you through most of the steps in tightening up your OS.
http://www.bastille-linux.org/
(You might want to set up a dual-boot hard drive and enjoy the best of both Windows and Linux)
cheers
Connection refused, try again later.
-
May 22nd, 2004, 08:50 PM
#8
One of the things that may throw someone off a little bit is that most versions come with services running by default. One of the best things you can do to make sure your installation is fairly secured is follow the list here:
When installation completes, if your distro came with a firewall, set it up. SuSE allows this before the thing even boots up. SuSE is very easy to secure because you can set up the firewall, turn off services, and even update it with all the latest updates and patches BEFORE it even boots up.
If you don't have SuSE though you should be setting up a firewall as soon as possible, and then updating everything. Then turn off services. Or turn off services, then update. Either way you want services you don't need off, and updates installed to prevent anything from happening.
Someone here on AO had installed FreeBSD, and then went to bed, and when they woke up, they had been rooted. I can't tell you enough how it is needed to update and turn off services you don't use.
Windows may make you run RPC, but with Linux, you don't need it unless a service you run is using it, like NFS.
Also, Hacking Exposed for Linux is another good place to learn. They will not only show you how to exploit services, but how to prevent and fix them.
Another book I recommend is FreeBSD Unleashed, second edition; or whatever the new edition is now.
It has a great security section that can be very helpful to someone new to UNIX, but not new to security, as some topics may be more advanced.
-
May 22nd, 2004, 09:13 PM
#9
Very good information gore, as well as Relyt. There are lots of books and whatnot available online (as well as offline) that could help a new *nix user's first time with security of their box (whether it be any Linux distro or a Unix system). Updating your machine and its services when there is an update is a vital (if not the most vital) part to keeping your *nix box secure.
-
May 23rd, 2004, 03:04 AM
#10
Originally posted here by gore
Someone here on AO had installed FreeBSD, and then went to bed, and when they woke up, they had been rooted. I can't tell you enough how it is needed to update and turn off services you don't use.
God, I've been down that reinstall. 
Originally posted here by gore
Also, Hacking Exposed for Linux is another good place to learn.
One of my online friends, link is actually posted in Hacking Exposed for Linux (second edition) page 47. aKa Liquid fish
http://www.fish.com/security/
God that kid is smart, cocky but smart! Hell, I've seen him and catch getting into it on another board. Talk about two smart people being objective in another windows linux thread, but that one took the cake!
For someone who is just starting out, SAMS Teach Yourself in 24 Hours are great. I have the Linux security, Linux & Perl..... eBay, 17 dollars for two of the SAMS & eight for the O'Reilly.