0. Secure your machine by turning off any unwanted services. Go through
/etc/inetd.conf or /etc/xinetd.conf and remove access to services that
you don't want to use. If you don't use an FTP server then don't run
it. Get rid of telnet and use ssh instead.

Rick Welykochy wrote:
> 1. Enter Nessus (http://www.nessus.org/) ... install it, attack
> your machines and bask in the glow.
>
> QUESTION: how complete do SLUGGERS feel Nessus' attacks are?
Not too bad.
> Can such a tool give one a false sense of security?
Yes, of course it can.
> 2. More effort: hide all your boxen behind NAT and use a firewall.
>
> 3. As Peter Mc mentioned: the prime directive is to disable as
> many ports of entry as possible - this is your first line of defence.
>
> 4. Use security tools like a portscan logger and change detection like
> tripwire.
I prefer AIDE to tripwire because it's easier to configure. Tripwire
is, however, quite good.
> 5. Watch your logs daily.
Use logcheck for this.
----+------------------------+--------------------------
Del | mailto:[EMAIL PROTECTED] | Christchurch, New Zealand
----+------------------------+--------------------------
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
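
One way to carry out step 0 of the message above on a classic inetd host, as an added example that is not part of the original post: list every entry still enabled in an inetd.conf-style file and mark the two services the message names (telnet, FTP). The function name `audit_inetd`, the `UNWANTED` list and the sample file are assumptions made for illustration; xinetd uses a different file format and is not covered.

```shell
#!/bin/sh
# Added example: list services still enabled in an inetd.conf-style file.
# Field layout (standard inetd.conf): service socket proto wait user server args

# Services the message singles out; extend to suit your own policy.
UNWANTED="telnet ftp"

# audit_inetd FILE -> prints "service proto server STATUS" per enabled entry.
# Exit status is 1 if any enabled entry is listed in $UNWANTED, else 0.
audit_inetd() {
    awk -v unwanted="$UNWANTED" '
        BEGIN { n = split(unwanted, u, " "); for (i = 1; i <= n; i++) bad[u[i]] = 1 }
        /^[ \t]*#/ || NF == 0 { next }      # commented-out or blank: disabled
        NF < 6 { printf "line %d: malformed entry\n", NR > "/dev/stderr"; next }
        {
            status = ($1 in bad) ? "REMOVE" : "review"
            if ($1 in bad) found = 1
            printf "%s %s %s %s\n", $1, $3, $6, status
        }
        END { exit found ? 1 : 0 }
    ' "$1"
}

# Constructed sample file, not taken from a real host.
make_sample() {
    cat <<'EOF'
# constructed sample inetd.conf
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp     nowait  root    /usr/sbin/tcpd  in.telnetd
#finger stream  tcp     nowait  nobody  /usr/sbin/tcpd  in.fingerd
time    stream  tcp     nowait  root    internal
EOF
}

# Run against a real file when a path is given: sh audit.sh /etc/inetd.conf
if [ "${1:-}" ]; then audit_inetd "$1"; fi
```

Entries marked `review` are enabled but not on the list; each still needs a decision on whether the host actually uses it.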