http://www.Linux-Sec.net Hardening-Tightening Security_Policy Hardening-HOWTO Linux Distros Distro Patches Kernel-Patches Dedicated Servers Firewalls DNS Servers Mail Servers Web Servers Turn-Off Daemons Tighten Inetd Services Top-10 Vulnerabilities Top-7 Security Mistakes Top-10 Vulnerabilities Top-20 Most Critical Vulnerability Top-10 Virus Scans/Attacks Stats Top-10 Attacks Hacked Servers One Minute Audits OpenPorts Audit AntiVirus - AntiSpam Anti-Spam Anti-Virus spam.wav Wireless [In]Security Sniffers Security Tools SSH_SSL Firewalls MailServer FileSystem VPN Port Scan Detectors IDS Tools LogFile Analysis Ethernet Monitoring Server Monitoring Tracking & Forensics Hackers Tools Audit Tools Port Scanners Hacking Tools Sniffer Tools Exploits & Vulnerbilities Wireless Wireless [In]Security Misc Statistics Linux/BSD Distros Links,Articles,WatchDogs Security Mailing Lists/FAQs Liability Insurance 1U Rackmount Chassis Custom-Chassis.com Linux-1U.net 1U-ITX.net ITX-Blades.net Small PC cases Mini-Box.net Wrap-Box.net Wrap-OS.net Wan-Sim.net Linux-Consulting.com Linux-CAE.net Linux-Sec.net Linux-Boot.net Linux-Backup.net Linux-Wireless.org Linux-Office.net Linux-Video.net Linux-Jobs.net Linux-Diff.net 1U-Raid5.net Spam Reporting Free Linux CDs ISO9660.org Distro-CD.org Patch-CD.org Contact Linux is a registered trademark of Linus Torvalds More Linux Legalese

Hardening and Tightening Security on Your Server/Network Hardening Methodology Read the various Security and Hardening HowTo Create a Network and System Admin Policy Install from a Linux CDROM into the properly sized disk partitions Apply all Patches for that particular linux distribution Compile and install your own kernel Kernel-HOWTO Turn off unused daemons and harden services , Change file/directory permissions Add additional security updates for various servers Test/Audit your new server for Exploits/Vulnerabilities Install and Monitor Your Servers and Networks Install your Intruder Detection System ( IDS ) Backup your tested/clean server Read and Understand your Security log files and messages Send yourself emails and pages when a security breach occured Upon a security breach, Find out how, when they got into your system and fix the vulnerability Repeat from the beginning with the cdrom installs Server Hardening Script No Time to Read ? ... Don't Understand what to do ? harden.pl script to be created Hardening HowTo & FAQs Protect your server against all known Exploits and Vulnerabilities and hacking tools Hardening-HowTO Lists Network and Server Policy Network and Server Admin Policy Harden and Patch Your Servers Always test your changes on your test machines/farms before applying changes to your production servers Kernel-Hardening-HowTO Compile and Install your own custom kernel Turn off unused kernel options Turn off kernel modules Install OpenWall - stops most buffer overflow, stops /tmp race condition Install LibSafe defend against buffer overflow ( stack smashing ) Apply all the Security Patches and Updates for your distro Install SSH, SSL Disallow ftp/telnet connections - use ssh instead Install secure pop3/imapd servers for email clients Apply Additional Security Precautions to Secure Your Dedicated Servers Use TCP_Wrappers ( hosts.allow and hosts.deny ) Turn Un-necessary Daemons and Services in inetd The infamous: Turn off everything in inetd you dont kneed See if anything breaks The infamous: Turn off all daemons you dont kneed See if anything breaks FileSystem Hardening Services Hardening Tighten your user login process - require ssh/ssl login only Monitor Your Servers and Network Install and Monitor Your Servers Install server and daemon status monitoring Install mon, big brother, etc Install and Monitor Your Network Traffic Install etherape, netwatch, showtraf, etc Implement Intruder Detection Systems ( IDS ) Carefully Select Your Monitoring Methodology to Generate the Proper Set of LogFiles You Can Understand and Will Be Read and Respond to Alerts/Warnings Religiously Install Host-based and Network-based Port Scan Detectors Install snort, portsentry Install Network Sniffer Detectors Install antiSniff Install Host and Network Based Intruder Detection Systems Install tripwire, aide Audit Your Server for Vulnerabilities Audit your server for known exploits and vulnerabilities Anything you forgot to check could prove extremely disasterous Check for Buffer Overflows Check for open ports Check for known exploits Analyze, Read and Understand Your Log Files Read and analyze your hourly/daily Security LogFiles Install logcheck, swatch Implement Backup System Make a Backup copy of the "virgin system" BEFORE going live Assume the intruder erases your disk... can you recover your data within an hour or two... Be sure your Backups are protected against backup failures" Test your Backups and restore your system on a new disk Tracking, Tracking Your Attackers Check into and Track Down your Attackers before it beomes a serious security breach All binaries on a compromised system are to be considered suspect until verified against the original cdrom Boot from a separate boot media to examine compromised systems Send yourself Emails and Pages Your IDS should page you immediately upon a root compromise

Copyright © 2000	Linux-Consulting	All Rights Reserved.	Updated: Sun Nov 21 23:52:12 2004 PDT