Re: Resources/tools for server hardening?
On 19/10/14 18:27, Rafał Radecki wrote:
> Hi All :)
>
> What resources or tools do you use for server hardening/checking
> servers' security?
> I currently am checking Nessus, it looks good :) I found some info also
> about Bastille but it seems to be dead.
The old domain was taken over, but the project still lives.
http://bastille-linux.sourceforge.net/
You could try the Ubuntu package - I haven't tried it in Wheezy (or
recently).
http://security.ubuntu.com/ubuntu/pool/universe/b/bastille/bastille_3.0.9-12.1_all.deb
If you are running a web server and need to manage virtual hosts you'll
find it as part of ispconfig3:-
http://www.ispconfig.org/page/en/documentation.html
I use virtualmin so I can't offer an opinion on how well it works.
> Which other tools do you recommend?
That's a good start.
There's also harden-tools (a meta package). You don't say which release
you're running. It's available for squeeze and wheezy; you'd need to
check for later releases.
See "apt-cache search harden" for the full list.
>
> I am thinking about applying some common sense security rules through
> puppet and then use Nessus to check servers. Can you recommend a
> different approach?
>
> Thanks for all help :)
>
> BR,
> Rafal.
It's recommended that you step through the official Debian manual:-
https://www.debian.org/doc/manuals/securing-debian-howto/index.en.html#contents
(it covers a few tools)
HTH
Kind regards