Re: Questions
Thx,
Why debian is not more harden by default ?
I try to set up openvas but it’s look like there more to do than a
apt, i will look deeper when i have the time.
Le mer. 28 nov. 2018 à 22:26, qmi <lista@miklos.info> a écrit :
>
> Hi
>
> On Fri, Nov 16, 2018 at 04:31:39PM +0100, Jérôme Bardot wrote:
> > Hello i try to harden my debian server.
> You are welcome to do so.
>
> > I want do understand all of this «warning».
> > If they are false positive maybe this part should be update because
> > it’s debian related ?
> On Debian by default the files and directories have 644 or 755 perms
> unless special cases (i.e. shadow has 640, /root has 740).
> See the relevant section of the Debian Policy at
> https://www.debian.org/doc/debian-policy/ch-files.html#permissions-and-owners.
> By default the Debian OS is not hardened. However, your mileage may
> vary, so you are welcome to harden your Debian OS if you are concerned
> about security or you simply would like to apply a more stringent security
> policy. In addition to making sure you apply the latest security updates from
> security.debian.org in your APT settings (i.e. /etc/apt/sources.list), you can
> harden the your OS by using one or the combination of the following methods:
>
> 1- Set up HIDS (OSSEC)
> 2- Install file/directory integrity checker (i.e. Tripwire)
> 3- Run remote vulnerability scans (i.e. Openvas, Nessus)
>
> See
> https://www.debian.org/doc/manuals/securing-debian-howto/ch10.en.html#s-intrusion-detect
> .
>
> Regards,
> --
> qmi | Debian GNU/Linux enthusiast
> WWW: www.miklos.info
> GPG: 3C4B 1364 A379 7366 7FED 260A 2208 F2CE 3FCE A0D3
>
Reply to: