Prev-20 Home Next-20 5 msg DSA/DSS keys and DSA 1576-1/CVE-2008-0166. 2 msg openssl/openssh fixes for lenny (testing) 2 msg openssl / x509 certs 2 msg leakage of keys? 2 msg dowkd.pl - how the blacklist data is generated ? 8 msg Re: [SECURITY] [DSA 1576-1] New openssh package... 4 msg dowkd.pl via Package 1 msg CHAO BAN 32 msg Re: [SECURITY] [DSA 1571-1] New openssl package... 4 msg Broken link on Debian CVE Web page (Was: [SECUR... 10 msg Re: [SECURITY] [DSA 1571-1] New openssl package... 3 msg Re: [SECURITY] [DSA 1575-1] New Linux 2.6.18 pa... 1 msg Mystery of Lyle & Louise is Making Headlines 1 msg Herr Bühler Arbeite nicht mehr bei der V-ZUG AG 5 msg Re: [SECURITY] [DSA 1573-1] New php5 packages f... 4 msg Re: [SECURITY] [DSA 1572-1] New php5 packages f... 3 msg Question about Security securing server \ Jean-Paul Lacquement (7 May 2008) . \ Yves-Alexis Perez (7 May 2008) . . \ Jean-Paul Lacquement (7 May 2008) . . . \ Abdul Bijur Vallarkodath (7 May 2008) . . . . \ Steve (7 May 2008) . . . . . \ Arture Le Coiffeur (7 May 2008) . . . . . \ Abdul Bijur Vallarkodath (7 May 2008) . . . . . . \ Steve (7 May 2008) . . . . . . \ Harry Jackson (7 May 2008) . . . . . . \ Daniel Leidert (7 May 2008) . . . . . \ Bernd Eckenfels (7 May 2008) . . . . \ Oliver Antwerpen (7 May 2008) . . . . . \ Rich Healey (13 May 2008) . \ weakish (7 May 2008) . . \ martin f krafft (7 May 2008) . \ Bernd Eckenfels (7 May 2008) . . \ Jean-Paul Lacquement (7 May 2008) . . . \ Julien Gormotte (7 May 2008) . . . \ Maik Holtkamp (8 May 2008) . \ Brent Clark (7 May 2008) . \ Holger Wesser (7 May 2008) . \ Stephen Vaughan (7 May 2008) . \ Alex Mestiashvili (7 May 2008) . . \ Alex Mestiashvili (7 May 2008) . \ Ticlea Petru Alexandru (7 May 2008) . \ Simon Brandmair (7 May 2008) . . \ martin f krafft (7 May 2008) . \ Simon Valiquette (7 May 2008) . \ Onno Gabriel (7 May 2008) . \ P PRABHU (8 May 2008) . . \ Rich Healey (13 May 2008) . \ Bjørn Mork (8 May 2008) . \ phobot (9 May 2008) . . \ Noah Meyerhans (9 May 2008) . . . \ weakish (9 May 2008) . . \ Johannes Graumann (9 May 2008) . \ Simon Brandmair (9 May 2008) 1 msg Re: [SECURITY] [DSA 1570-1] New kazehakase pack... 2 msg Re: [SECURITY] [DSA 1569-1] New cacti packages ... Prev-20 Home Next-20

Prev-Msg Prev-Thread Debian-security May-2008 Next-Thread Next-Msg Subject: Re: securing server Group: Debian-security From: Bernd Eckenfels Date: 7 May 2008 In article <fa218e630805070209x1c5837cbs6b33c32bf3e2b4b9> you wrote: > I already did the followings: > - installed chkrootkit > - installed fail2ban (for ssh and proftpd) Beware of DOS. > - allow only one user (not root) via /etc/ssh/sshd_config, only ssh v2 If you have multiple administrators, you should not do that. > Would you please list me which packages to install and which rules to apply ? There are some hardening packages to look for. Beside that you should review all running processes and turn those off which you dont need (X11 related, rpc, hotplug stuff, etc) Besides that, what applications you plan to run? Gruss Bernd -- To UNSUBSCRIBE, email to debian-security-REQUEST with a subject of "unsubscribe". Trouble? Contact listmaster Prev-Msg Prev-Thread Debian-security May-2008 Next-Thread Next-Msg

© 2004-2008 readlist.com