On Wed, Dec 10, 2008 at 4:52 AM, Emil <firstname.lastname@example.org> wrote:
> What security packages, configs, etc. do you install and use on your web
> servers? I've messed around a bit in bastille (have found it a bit hard
> to know what I should answer on the questions and still have all my
> software working as expected, but I guess you have to learn as you go.).
> But what other stuff do you use?

The first thing I do is stop any processes that I don't need. Some
years ago I accidentally left the SWAT service exposed to the outside
world and it was exploited. It was just an old sandbox/test machine,
but when it began blasting spam everyone on the network felt the pain.

Second - configure a firewall. I prefer shorewall, but there are many
options. Drop everything you don't need open - read the documentation
carefully for your chosen firewall.

If you are running apache, google around for advice on hardening
apache - NoOp's links will be useful also. Basically, you should be
familiar with the security features of *every* service you're exposing
to the outside world.

I like to move the SSHD server to listen on a non-standard port. This
cuts down on the number of script-kiddies knocking on the door. You
should also set up key-only access (no password login) - just be sure
not to lose your key, esp. if it's a remote server! There are guides out
there for SSH hardening also.

These are just my personal opinions - I'm no expert by any means, and
this is not a comprehensive list.
ubuntu-users mailing list
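
The SSH advice in the message above (non-standard port, key-only login) can be checked mechanically. The following is an added example, not part of the original post: a small auditor for `sshd_config` text that follows sshd's "first value obtained wins" rule and flags `Match` blocks that turn password login back on. The function names and the sample configs are constructed for illustration.

```python
import re

# Constructed sample configs (not taken from any real host).
WEAK = "Port 22\nPasswordAuthentication yes\n"
HARDENED = "Port 2222\nPasswordAuthentication no\nPubkeyAuthentication yes\n"
TRICKY = ("Port 2222\nPasswordAuthentication no\n"
          "PasswordAuthentication yes\n"          # ignored: a value was already set
          "Match User backup\n    PasswordAuthentication yes\n")

def parse_sshd_config(text):
    """Return (ports, global_settings, match_overrides) from sshd_config text."""
    ports, settings, overrides = [], {}, []
    match = None  # criteria of the Match block we are inside, if any
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()            # keywords are case-insensitive
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "match":
            match = value                 # later lines are conditional overrides
        elif match is not None:
            overrides.append((match, key, value))
        elif key == "port":
            ports.append(int(value))      # several Port lines may be given
        else:
            settings.setdefault(key, value)  # first value obtained wins
    return ports or [22], settings, overrides  # port 22 is the default when unset

def audit(text):
    """Return a list of findings for the port and password-login settings."""
    ports, settings, overrides = parse_sshd_config(text)
    findings = []
    if 22 in ports:
        findings.append("sshd listens on the default port 22")
    # PasswordAuthentication defaults to "yes" when it is not set at all.
    if settings.get("passwordauthentication", "yes").lower() != "no":
        findings.append("password login is enabled globally")
    for criteria, key, value in overrides:
        if key == "passwordauthentication" and value.lower() != "no":
            findings.append(f"password login re-enabled for: Match {criteria}")
    return findings

if __name__ == "__main__":
    for name, cfg in (("WEAK", WEAK), ("HARDENED", HARDENED), ("TRICKY", TRICKY)):
        print(name, audit(cfg) or "no findings")
```

This sketch does not follow `Include` directives; on a live host, `sshd -T` prints the effective configuration, which can be fed to the same check.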