On Thu, 1 Feb 2001, Alwex wrote:
> Just use bastille (www.sourceforge.net/projects/bastille-linux), it'll do
> all of these basic steps, turn off sendmail, change permissions and check
> accounts etc etc. It's Good, I use it on front-line firewalls/routers.
That's one way go about it. (Hi, I'm Gabriel, I'm new here, etc)
You don't have to go the bastille route, tho. Securing a box isn't too
hard. The basic principle is run only what you need. Disable everything
else.
* use ssh, not telnet.
* scp, not rcp.
* /etc/hosts.{deny|allow} are your friends,
* as is ipchains/iptables/etc
Are you a mailserver? No? find /etc | xargs grep sendmail
Do you run apache? Check the permissions.
Don't run any less recent than the latest version of bind.
Etc.
Oh, and subscribe to bugtraq. :-)
HTH,
Gabriel.
--
Gabriel Cain, Systems Administrator at Bigdam.net
/ 509-633-0493
--
Subscription/unsubscription/info requests: send e-mail with subject of
"subscribe", "unsubscribe", or "info" to 
Wear-Hard Mailing List Archive (searchable): http://wearables.blu.org
please, Please, *PLEASE* don't subscribe through a forward/false domain
From Wear-Hard Mailing list Archive (WH)
Maintained by R. Paul McCarty
Archive created with babymail