Do a search for 'securing fedora' on google and you'll find some interesting links. There's a Red Hat Security guide, made for RH9 but still applies pretty much to Fedora. This article - http://linuxgazette.net/105/odonovan.html - also looks like it provides some good information. Here's a quick overview of some of the things you'll need to do: 1) Firewall! Generally, a policy of deny all and only let in the few ports you'll need (ssh, nfs, etc). 2) Configure cron to run 'yum' every night to keep the system up to date. 3) Disable any services you don't want. 4) Set up some sort of Intrusion Detection System (Tripwire, ACID, Snort, etc). 5) Enforce secure passwords for all users. http://techrepublic.com.com/5100-6261-1049408.html 6) Never login as root. Make sure you can't ssh in as root. /etc/ssh/sshd_config You don't say which protocol you are using to transfer the files. I'd suggest using scp to copy them via ssh, this is the most reasonably secure method, and then the only port you will need to leave open for either inbound or outbound is ssh. Thanks, Rafiq -----Original Message----- From: Anthony Clarence [mailto:anthony@xxxxxxxxxxxxxx] Sent: 13 October 2004 10:22 To: fedora-list@xxxxxxxxxx Subject: hardenin document Dear Sir, I am looking for a general hardening document for Redhat Fedora core 2. I will not be using smtp and POP as well as Xwindows on this box,I will not be running these processes. This Linux server will just receive files from another Server. Then a script will run on this Linux box which will transfer files out to some other box. Can I get a hardening document that will keep this Linux box safe. Thanks and Regards Anthony -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
