[TriLUG] Advice on securing a Linux Server
Neil L. Little
nllittle at embarqmail.com
Sat Sep 29 15:11:10 EDT 2007
When the first server I ever put up was zombied by a spammer, I turned a
more serious eye to securing
a system than I had before. The folks here at TRILug pointed me in the
right direction and I was able to put up
another "much" more server to replace the first one. I guess it worked.
I haven't suffered any more
security penetrations.
I can say that there is nothing like a security penetration that
enhances the learning curve. One of the suggestions
I received was a book called "Hardening Linux" by James Turnbull. It
gave me a good idea of the basics of securing
a operating system and how to set up layers of security. There are other
books out there, but this is the first one I
got.
A good firewall , using non-standard ports, and strong passwords are a
good start and will ward off the passing script
kitty. This book pointed me in the right direction(s) that allowed me to
further secure my server(s) for the off-chance
possibility a more concerted cyber attack.
Neil Little, WA4AZL
JARS Forever!!
Jeff Ellis wrote:
> I'm putting together a CentOS 5 based system that will be directly
> exposed to the internet (to serve a tomcat application). So far, I've:
>
> - Turned on the software firewall and blocked everything except for port
> 8080, another port for the application, and a port for ssh
> - Moved sshd to a non-standard port
> - Configured ssh to not allow root logins
> - Set a root password for mysql (mysql is needed by the app)
> - Set strong passwords for all users
>
> Anything else I should do to help secure it?
>
> Jeff
>
>
More information about the TriLUG
mailing list