First of all you can search on net. But still ....
1)Use firewall
2)Close all unnecessary services(BTW, it seems that redhat has learned the
lesson. They are closing almost all services by default on their upcoming
version...At lest in the workstation install)
3)Use something like LIDS/Bastille Linux.
4)Stay current with patches. For that matter RHL6.1 is as good as gateway of
India on security ground. It's more than an year old.. Do subscribe to RHL
update network. Very simple and effective measure.
5)Compile all essential services on your box like sendmail, squid, proxy. You
can control the compile time setting to tighten them than default. Besides you
can add optimisation.
6)Use tools like tripwire for file system accounting, nmap/portsentry to
prevent/detect network attacks.
7)Rename all important binaries and all their references in other scripts. e.g.
rename ps to my myps. That prevents attack from scripts. At least damage can be
reduced to some extent.
8)Secure all the CGI scripts used on your web server.
9)Put very minimum number of users on server. More than half of the attacks use
local exploit.
What else? Many people can say many important things. It would be nice if you
publish your consolidated effort. That would be a good starter when somebody
else looks for the same thing. That's what they call contribution in OS
community... :-))
HTH
Bye
Shridhar
Charles Pinheiro wrote:
> I need to secure my linux server 6.1 to the max possible so no one could
> have unauthorised entry and try to use my server to IP Port scan any other
> server. How do I go about it???
----------------------------------------------
Find out more about this and other Linux India
mailing lists at http://lists.linux-india.org/
