Ok, school is out and I had to make some projects for myself.

I decided to upgrade my home server (both hardware and software) and start from scratch.

Well, I got all my hardware installed and everything is working great.

I'm not all that great at securing a *nix system, simply because I've had little experience doing it. In my quest to learn new ways to secure a *nix system I came across a pretty cool tool that I've never read about.

It is called "Tiger" by http://savannah.nongnu.org/projects/tiger

I've tried to secure this box by doing all of the obvious things... killing services, killing user accounts that aren't needed, restricting host access via hosts.allow hosts.deny, setting up iptables, checking all my ports using nmap, running nessus against it in full using all available attack methods and seeing to its recommendataions, setting up tripwire, using strong passwords, restricting root login access to console only, etc.

Even though I've done all that... after I used this Tiger tool... it came up with a bunch more stuff I should do. Changing ownership and permissions on folders, recommended setting for certains services, and a lot more.

I would recommend you to check it out. Its pretty cool to see more stuff come up in this tool that didn't show up in others. I love finding new toys...