Comments on: Hardening a Linux server in 10 minutes

By: Blue Net Support » Blog Archive » Hardening a Linux Server in 10 Minutes

Tue, 08 Jan 2008 14:50:21 +0000

[...] Mar 1 16:14:18 CET 2006 (as copied from : http://rudd-o.com/archives/2006/02/27/hardening-a-linux-server-in-10-minutes/ ) Did you know that a freshly installed Linux server can be hardened in less than 10 minutes? Heres [...]

By: random reader

random reader — Thu, 04 Oct 2007 10:36:47 +0000

For god sakes, stop abusing the term "hardening" in such a vague context. Stopping and starting services has nothing to do with the term.

And for god sakes, learn to configure a firewall by its fundamental principle: first drop everything, then allow.

By: gmiga

gmiga — Tue, 21 Mar 2006 12:26:16 +0000

Hi,

-xinetd is having nice features to restrict acces such as no_access or access_time. -PAM is nice to increase security, http://www.hccfl.edu/pollock/AUnix2/PAM-Help.htm -SELinux is also nice , http://www.nsa.gov/selinux/info/faq.cfm . It take 8 -12 % global performances decrease on some busy servers. -Tcp wrappers are great , your daemon must call libwrap. -iptables , imo more for a general firewall. Going to do some case by case on each server with iptables is well … a question of tastes.

Regards

Guillaume.

By: Olivaw

Olivaw — Sat, 04 Mar 2006 09:55:31 +0000

For mysql, just configure it to only bind to 127.0.0.1. It will be as secure and simpler, no need for iptables in this case.

(see bind-address directive in my.cnf)

By: TechnoPrimitive » Blog Archive » Hardening a Linux server in 10 minutes » The R Zone

Wed, 01 Mar 2006 19:22:38 +0000

[...] Hardening a Linux server in 10 minutes » The R Zone [...]