Subject: Re: securing server
Group: Debian-security
From: P PRABHU
Date: 8 May 2008


 
HI

Steps :

1 ) Don't run Xwindows, and better install the MINIMAL/SERVER edition of the OS
2 ) Remove all unwanted packages. You can very well reduce the number of packages to 300 max
3 ) Remove all unwanted user/group accounts
4 ) Update the packages
5 ) Do security tunings in sysctl.conf
6 ) Do security tunings in ssh, like stop X forwarding, no root login etc
7 ) Put a warning in MOTD, issue and issue.net
8 ) Make sure whether you need anonymous ftp or not
9 ) Signature off the Apache
10 ) Put a login alert script in .bashrc and .bash_logout to mail you if someone logs in/out
11 ) Run tripwire daily
12 ) Keep the machine behind a firewall, IDS/IPS
13 ) Do security tunings in security.conf
14 ) Run apache-ssl instead of apache
15 ) Run apache etc in chroot
16 ) Check whether you need directory listing in Apache; if not, block it.
17 ) Run a ClamAV kind of free AV for scanning.
18 ) To prevent ProFTPd DoS attacks using ../../.., add the following line in /etc/proftpd.conf: DenyFilter \*.*/

Finally

1 ) Run free vulnerability scanners like Retina etc and find whether any vulnerability is there in the final machine
2 ) Take an inventory, like packages installed etc, and do a weekly check whether there is any change in packages.

Libras

----- Original Message ----
From: Jean-Paul Lacquement <zelos414>
To: debian-security
Sent: Wednesday, May 7, 2008 2:39:02 PM
Subject: securing server

Hi,

I plan to secure my Debian stable (or testing if you say it's better) server.


I already did the following:
- installed chkrootkit
- installed fail2ban (for ssh and proftpd)
- allow only one user (not root) via /etc/ssh/sshd_config, only ssh v2


The following daemons are installed:
- proftpd
- apache2
- ssh

Would you please list me which packages to install and which rules to apply ?

Many thanks,
Jean-Paul


--
To UNSUBSCRIBE, email to debian-security-REQUEST
with a subject of "unsubscribe". Trouble? Contact listmaster
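
The weekly package inventory check from the "Finally" list in the reply can be scripted as below. This is an added example, not part of either message; the function names and the baseline path passed to `pkg_weekly_check` are assumptions.

```shell
#!/bin/sh
# Added example: package-inventory drift check (names and paths are illustrative).

# Print "name version" for every fully installed package, sorted by name.
pkg_snapshot() {
    dpkg-query -W -f='${db:Status-Abbrev} ${binary:Package} ${Version}\n' |
        awk '$1 == "ii" { print $2, $3 }' | LC_ALL=C sort -k1,1
}

# Compare two snapshots. Prints ADDED / REMOVED / CHANGED lines.
# Returns 0 when the snapshots match, 1 when there is any drift.
pkg_drift() {
    old=$1; new=$2
    # join pairs lines by package name; unpaired sides are filled with MISSING.
    out=$(LC_ALL=C join -a1 -a2 -e MISSING -o 0,1.2,2.2 "$old" "$new" |
        awk '$2 == "MISSING" { print "ADDED " $1 " " $3; next }
             $3 == "MISSING" { print "REMOVED " $1 " " $2; next }
             $2 != $3        { print "CHANGED " $1 " " $2 " -> " $3 }')
    [ -z "$out" ] && return 0
    printf '%s\n' "$out"
    return 1
}

# Weekly entry point (for example from cron): compare against a stored baseline.
# The first run only records the baseline.
pkg_weekly_check() {
    baseline=$1
    current=$(mktemp) || return 2
    pkg_snapshot > "$current"
    if [ ! -f "$baseline" ]; then
        mv "$current" "$baseline"
        return 0
    fi
    pkg_drift "$baseline" "$current"; rc=$?
    rm -f "$current"
    return "$rc"
}
```

This compares package names and versions only; changes to file contents are what the daily tripwire run in step 11 covers. Keep the baseline somewhere the server itself cannot rewrite.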

