[olug] securing rh7.2 box
schmeits at clarksoncollege.edu
Thu Aug 22 15:40:05 UTC 2002
On Thu, 2002-08-22 at 10:31, Nick Walter wrote:
> First step of security is the grand "turn it all off" tour. do a
> "netstat -plan" to see what is running and disable everything you aren't
> explicitly sure you need. You can look in /etc/xinetd.d/ for a lot of
will check this one out
Just add a disable=yes line to the individual files to
> disable an xinetd service. Other services (such as ssh) might have
> their own independant startups and daemons. Those you will have to
> disable by preventing their startup script in /etc/init.d from running
> (hint: use chkconfig).
chkconfig works very nice
If the machine is nothing but a dedicated mail
> system, I'd suggest postfix and ssh are all you need running.
> As always, protect the machine with a firewall if at all possible.
I assuming you are talking about iptables, right?
> Configure the firewall to only allow traffic on a few select ports such
> as ssh, smtp, and possibly pop3 or imap.
> Nick Walter
> On Thu, 2002-08-22 at 10:09, roger schmeits wrote:
> > Greetings:
> > Having install 7.2 with all updates using apt-get (very nice package --
> > should check it out) with Bastille-Linux I am fuzzy on where to begin.
> > I need to harden this box for Internet usage. i.e. it will be a smtp
> > gateway for our company. would like to secure this machine to a very a
> > reasonable level (which is??? please suggest!).
> > Next process will be replace sendmail with postfix (no offense to
> > sendmail fantics). done just finished a few minutes ago
> > Run Bastille-linux. done.
> > Further shutdown unneeded services. next
> > replace ipchains with iptables.
> > Have downloaded Securing & Optim. Linux v1.3 from www.openna.com and
> > will work thru this doc.
> > Any other suggestions?
> > Roger
> > _______________________________________________
> > OLUG mailing list
> > OLUG at olug.org
> > http://lists.olug.org/mailman/listinfo/olug
> OLUG mailing list
> OLUG at olug.org
More information about the OLUG