For someone that wants to begin securing his or her network, what would be the starting point? I guess in sort of a checklist format. I mean, as of now I'm not administering a network. But in the old company I used to work for, security was a big problem; there were no policies in place. And in what ways can one reduce the amount of work it takes to keep up with securing and monitoring a diverse platform network?

Kevin

On 21-Jun-98 At&t wrote:
> For someone that wants to begin securing his or her network, what would be
> the starting point? I guess in sort of a checklist format. I mean, as of
> now I'm not administering a network. But in the old company I used to work
> for, security was a big problem; there were no policies in place. And in what
> ways can one reduce the amount of work it takes to keep up with securing and
> monitoring a diverse platform network?

Please see the Linux Security-HOWTO as a starting point. I'd also appreciate any comments others might have on its contents or lack of contents. You can find the latest version at:

http://nic.com/~dave/Security-HOWTO.html

Comments greatly appreciated.

Dave

Well, the first thing I always do when I install any OS on a new box is update or remove the services that need updating or that you don't need at all. Then that takes away the problem of the remote attackers coming from outside. What you should do while you're securing the box is put ALL : ALL in hosts.deny and don't let any users on it until you think it's as secure as possible. There are also a lot of www sites out there that go through steps explaining what you need to do to secure it. Also, along with this mailing list, subscribe to bugtraq to get the latest security holes.

Mike

At&t wrote:
>
> For someone that wants to begin securing his or her network, what would be
> the starting point? I guess in sort of a checklist format. I mean, as of
> now I'm not administering a network. But in the old company I used to work
> for, security was a big problem; there were no policies in place. And in what
> ways can one reduce the amount of work it takes to keep up with securing and
> monitoring a diverse platform network?
>
> Kevin
>
> --
> ----------------------------------------------------------------------
> Please refer to the information about this list as well as general
> information about Linux security at http://www.aoy.com/Linux/Security.
> ----------------------------------------------------------------------
>
> To unsubscribe:
> mail -s unsubscribe linux-security-request@redhat.com < /dev/null

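The ALL : ALL lockdown suggested in the message above can be checked mechanically. The script below is an added example, not part of the original thread; it assumes the standard TCP wrappers companion file hosts.allow (which is consulted before hosts.deny), and the function names are illustrative.

```shell
#!/bin/sh
# Added example: audit TCP wrappers files for a default-deny posture.
# Usage after sourcing: audit [deny_file] [allow_file]

# Print the active rules of a hosts_access(5) file as "daemons:clients",
# dropping comment lines, blank lines and padding around the colons.
active_rules() {
    [ -r "$1" ] || return 0
    sed -e '/^[[:space:]]*#/d' -e '/^[[:space:]]*$/d' \
        -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' \
        -e 's/[[:space:]]*:[[:space:]]*/:/g' "$1"
}

# Succeed if hosts.deny refuses every wrapped service to every client.
has_default_deny() {
    active_rules "$1" | grep -Eq '^ALL:ALL(:|$)'
}

# Print daemons that hosts.allow opens to the bare wildcard ALL.
# hosts.allow matches first, so these rules override the deny rule.
open_to_all() {
    active_rules "$1" | awk -F: '$2 == "ALL" { print $1 }'
}

# Returns 0 = locked down, 1 = no default deny,
# 2 = default deny present but a service is open to every client.
audit() {
    deny=${1:-/etc/hosts.deny}
    allow=${2:-/etc/hosts.allow}
    if ! has_default_deny "$deny"; then
        echo "FAIL: $deny has no ALL:ALL rule"
        return 1
    fi
    open=$(open_to_all "$allow")
    if [ -n "$open" ]; then
        echo "WARN: $allow opens to all clients:" $open
        return 2
    fi
    echo "OK: default deny; exceptions granted in $allow:"
    active_rules "$allow"
    return 0
}
```

These files only restrict services that are started through tcpd or linked against libwrap, so a daemon that listens on its own still needs to be removed or filtered separately.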
Let me follow up the FAQ with a couple of books that should be on every admin's bookshelf IMHO.

1. "Practical UNIX and Internet Security" (Garfinkel and Spafford) [ ISBN 1-56592-148-8, ORA, safe on the cover ]
2. "Building Internet Firewalls" (Chapman and Zwicky) [ ISBN 1-56592-124-0, ORA, fortified gateway on the cover ]

Book 1 has a good checklist at the back and fair use presumably allows you to photocopy it for your own use. Book 2 has instructions for setting up an ultra-paranoid host, including tools you might like to use (S/Key, tcp wrappers, tripwire, swatch, logging down a serial line to a no-network host, etc).

To this list I would add a good general sysadmin crib book, for example "Essential System Administration" (the same series, so presumably complementary to the above couple of books).

Implementing an appropriate security policy, aided by the books referenced, and up to date software should stop 98% of the crackers out there (and all beginners). The other 2% may not be feasible if you want a useable system (well funded "information warfare" outfits are probably able to penetrate the vast majority of systems).

--
Duncan (-:
"software industry, the: unique industry where selling substandard goods is legal and you can charge extra for fixing the problems."