Hi,

Steps:

1) Don't run X Windows; better, install the MINIMAL/SERVER edition of the OS.
2) Remove all unwanted packages. You can very well reduce the number of packages to 300 max.
3) Remove all unwanted user/group accounts.
4) Update the packages.
5) Do security tunings in sysctl.conf.
6) Do security tunings in ssh, like stopping X forwarding, no root login etc.
7) Put a warning in MOTD, issue and issue.net.
8) Check whether you need anonymous FTP or not.
9) Turn the signature off in Apache.
10) Put a login alert script in .bashrc and .bash_logout to mail you if someone logs in/out.
11) Run tripwire daily.
12) Keep the machine behind a firewall and IDS/IPS.
13) Do security tunings in security.conf.
14) Run apache-ssl instead of apache.
15) Run apache etc. in a chroot.
16) Check whether you need directory listing in Apache; if not, block it.
17) Run a free AV like ClamAV for scanning.
18) To prevent ProFTPd DoS attacks using ../../.., add the following line in /etc/proftpd.conf:

    DenyFilter \*.*/

Finally:

1) Run free vulnerability scanners like Retina etc. and find whether any vulnerability is there in the final machine.
2) Take a full inventory (packages installed etc.) and do a weekly check for any change in packages.

Libras

----- Original Message ----
From: Jean-Paul Lacquement <[EMAIL PROTECTED]>
To: [email protected]
Sent: Wednesday, May 7, 2008 2:39:02 PM
Subject: securing server

Hi,

I plan to secure my Debian stable (or testing if you say it's better) server.

I already did the following:
- installed chkrootkit
- installed fail2ban (for ssh and proftpd)
- allow only one user (not root) via /etc/ssh/sshd_config, only ssh v2

The following daemons are installed:
- proftpd
- apache2
- ssh

Would you please list me which packages to install and which rules to apply?

Many thanks,
Jean-Paul

-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
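
An added example, not part of the original thread: a POSIX shell check of the SSH settings mentioned in both messages (X forwarding off, no root login, an AllowUsers list without root, no SSH v1). The function names and the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit sshd_config for the SSH settings named in this thread.
# Assumes plain "Keyword value" lines; Include files are not followed.

# Print the global value of keyword $2 in file $1. Keywords are
# case-insensitive, the first occurrence wins, and global settings end at
# the first Match block. Pass "all" as $3 for keywords that accumulate.
sshd_value() {
    awk -v key="$2" -v all="$3" '
        /^[ \t]*(#|$)/ { next }                 # skip comments and blanks
        tolower($1) == "match" { exit }         # conditional blocks start here
        tolower($1) == tolower(key) { $1 = ""; sub(/^[ \t]+/, ""); print; if (!all) exit }
    ' "$1"
}

fail() { echo "FAIL: $*"; fails=$((fails + 1)); }

# Print one line per finding; the return status is the number of findings.
audit_sshd_config() {
    fails=0
    x11=$(sshd_value "$1" X11Forwarding | tr 'A-Z' 'a-z')
    root=$(sshd_value "$1" PermitRootLogin | tr 'A-Z' 'a-z')
    users=$(sshd_value "$1" AllowUsers all | tr '\n' ' ')
    proto=$(sshd_value "$1" Protocol)

    [ "$x11" = no ] || fail "X11Forwarding is '${x11:-unset}', expected 'no'"
    [ "$root" = no ] || fail "PermitRootLogin is '${root:-unset}', expected 'no'"
    case " $users " in
        "  ") fail "AllowUsers is unset" ;;
        *" root "* | *" root@"*) fail "AllowUsers includes root" ;;
    esac
    # Only relevant on old OpenSSH releases that still honour Protocol.
    case ",$proto," in *,1,*) fail "Protocol '$proto' permits SSH v1" ;; esac
    return "$fails"
}

# Constructed sample input, not taken from the thread.
sample=$(mktemp)
cat >"$sample" <<'EOF'
# constructed sshd_config
Protocol 2
PermitRootLogin no
x11forwarding yes
AllowUsers jp
X11Forwarding no
EOF
audit_sshd_config "$sample" || echo "$? finding(s)"
rm -f "$sample"
```

The sample reports one finding because the earlier `x11forwarding yes` line takes precedence over the later `X11Forwarding no`.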

