On February 1, 2005 08:06 am, myang wrote: > I began to worry about my own gentoo box. Basically, I am a layman > of linux so far. I am running Apache, openssh, postfix and mysql > service here. I don't know a little about system security. Now I'd > like to begin to learn something and do something to protect > myself. > > Where should I begin from? What should I do to secure my system?
Since you've asked "where to start?" here it goes... First step is always: "take unneeded systems off public IP/ports" meaning that you probably don't expose your mysql and postfix for external clients thus running them bound to 127.0.0.1 is a good idea. Next don't install packages you don't need or don't plan to use in nearest time. Next harden your firewall rules (either on broadband router you use or on machine itself - even better on both) which means use "deny" by default and open ports only to aplications you use and know about. Next keep your system up-to-date (man glsa-check) and keep an eye on advisories from securityfocus.com or any other security source - usualy their advisories are descriptive enough to patch your system on your own or at least to know where to start pluggin'. Just remember that it's a matter of time when somebody will try to break into your system hanging out open in internet. -- Dmitry Makovey Web Systems Administrator Athabasca University (780) 675-6245
pgpKOVz8hLA4T.pgp
Description: PGP signature
