Useful linux security links

Wednesday, January 13, 2010 , Posted by Johnny Fuery at 12:57 AM

Originally Published 2005-04-04 17:36:32

I've been researching configuration practices for securing linux-based web servers.

Red Hat Enterprise doc (reg required):

Open Source Intrusion Detection:

Jailing Apache:

A high pageRank tutorial I ran across:

Basic strategy:

+ Kill all TCP services (both running and init)

+ Add back the ones you need (Probably only ssh, sftp, httpd. I'm thinking maybe I should even make sftp not start on init and cron a kill command so you have to logon and start it every time you touch it.)

+ Secure apache (httpd) -- not gotten too deep here yet. Jailing is the first step.


Jargon anyone? Sheesh.

Currently have 0 comments:

Leave a Reply

Post a Comment