Re: securing server

To: debian-security@lists.debian.org
Subject: Re: securing server
From: "Jean-Paul Lacquement" <zelos414@gmail.com>
Date: Wed, 7 May 2008 13:03:03 +0200
Message-id: <[🔎] fa218e630805070403v7038388ci344118a87791fb05@mail.gmail.com>
In-reply-to: <[🔎] E1JtfvX-0001Gz-00@calista.eckenfels.net>
References: <[🔎] fa218e630805070209x1c5837cbs6b33c32bf3e2b4b9@mail.gmail.com> <[🔎] E1JtfvX-0001Gz-00@calista.eckenfels.net>

>  > I already did the followings:
>  > - installed chkrootkit
>  > - installed fail2ban (for ssh and proftpd)
>
>  Beware of DOS.
>
>
>  > - allow only one user (not root) via /etc/ssh/sshd_config, only ssh v2
>
>  If you have multiple administrators, you should not do that.

I am the only one.
>
>
>  > Would you please list me which packages to install and which rules to apply ?
>
>  There are some hardening packages to look for. Beside that you should review
>  all running processes and turn those off which you dont need (X11 related,
>  rpc, hotplug stuff, etc)

Ok. I'll disable them

>
>  Besides that, what applications you plan to run?

This server will only run proftpd, ssh, apache, nagios(via http), samba and cups

>
>  Gruss
>  Bernd

Jean-Paul

Reply to:

Follow-Ups:
- Re: securing server
  - From: Julien Gormotte <julien@nexedi.com>
- Re: securing server
  - From: Maik Holtkamp <holtkamp@medical-city.de>

References:
- securing server
  - From: "Jean-Paul Lacquement" <zelos414@gmail.com>
- Re: securing server
  - From: Bernd Eckenfels <ecki@lina.inka.de>

Prev by Date: Re: securing server
Next by Date: Re: securing server
Previous by thread: Re: securing server
Next by thread: Re: securing server
Index(es):
- Date
- Thread