
Re: Questions



Hi

On Fri, Nov 16, 2018 at 04:31:39PM +0100, Jérôme Bardot wrote:
> Hello, I am trying to harden my Debian server.
You are welcome to do so. 

> I want to understand all of these «warnings».
> If they are false positives, maybe this part should be updated because
> it’s Debian related?
On Debian, by default, files and directories have 644 or 755 perms 
except in special cases (i.e. shadow has 640, /root has 740). 
See the relevant section of the Debian Policy at 
https://www.debian.org/doc/debian-policy/ch-files.html#permissions-and-owners. 
By default the Debian OS is not hardened. However, your mileage may
vary, so you are welcome to harden your Debian OS if you are concerned
about security or you simply would like to apply a more stringent security
policy. In addition to making sure you apply the latest security updates from 
security.debian.org in your APT settings (i.e. /etc/apt/sources.list), you can 
harden your OS by using one or a combination of the following methods:

1- Set up HIDS (OSSEC)
2- Install file/directory integrity checker (i.e. Tripwire)
3- Run remote vulnerability scans (i.e. Openvas, Nessus)

See 
https://www.debian.org/doc/manuals/securing-debian-howto/ch10.en.html#s-intrusion-detect.

Regards,
-- 
qmi | Debian GNU/Linux enthusiast
WWW: www.miklos.info
GPG: 3C4B 1364 A379 7366 7FED  260A 2208 F2CE 3FCE A0D3
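
The 644/755 baseline described in the message above can be checked directly. The following is an added example, not part of the original email: a hypothetical `audit_loose_perms` function that lists entries writable by group or others, while treating sticky world-writable directories (mode 1777, as on /tmp) as intended rather than as findings.

```shell
#!/bin/sh
# Added example (not from the original message).
# audit_loose_perms is a hypothetical helper name.
#
# Usage: audit_loose_perms /etc
# Prints one line per finding: "<class> <path>".
# Findings are entries looser than the 644/755 baseline, i.e. with the
# group-write (020) or other-write (002) bit set. They are candidates
# for review, not automatic errors: some packages set such modes on purpose.

audit_loose_perms() {
    dir=$1
    if [ ! -d "$dir" ]; then
        echo "not a directory: $dir" >&2
        return 2
    fi

    # Regular files writable by group or others.
    # -xdev keeps the scan on one filesystem (skips /proc, NFS mounts, ...).
    # -perm -MODE is the POSIX form: true when all bits in MODE are set.
    find "$dir" -xdev -type f \( -perm -020 -o -perm -002 \) \
        -exec echo loose-file {} \;

    # Directories writable by group or others, except those carrying the
    # sticky bit (1000): there, only the owner can delete or rename an
    # entry, which is the intended setup for shared directories like /tmp.
    find "$dir" -xdev -type d \( -perm -020 -o -perm -002 \) \
        ! -perm -1000 \
        -exec echo loose-dir {} \;
}
```

Symbolic links are not reported, since `-type f` and `-type d` do not match them and their own mode bits carry no meaning on Linux.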

