Tod Merley wrote:
> On Dec 27, 2007 11:10 AM, Daniel B. Thurman <dant@xxxxxxxxx> wrote:
>> I have finally got my F8 set up and running so now I am reviewing the
>> security issues that need to be taken into account.
>>
>> I have looked into trying many things to protect and harden my systems,
>> but I thought I'd ask members what they are doing/using to defend their
>> systems against attacks and unwanted intrusions? Would it be neat
>> if there was an automatic non-human defender to do it for you while you
>> sleep? Dream on.
>>
>> I would like to focus on securing Fedora. I have tried snort w/Base etc.,
>> Tripwire, Fam, nmap, Iptable techniques, and so on.
>>
>> Does anyone have any advice, links to great sites focused on security
>> and how to secure your linux box against intrusions and attacks?
>>
>> Thanks!
>>
>
> Hi Daniel B. Thurman!
>
> It is late so topics only for tonight:
>
> 1. Turn off services you do not use.
> 2. Make your computer "silent" to all but those who use it - e.g. turn
> off ping - e.g. use a door knock protocol on a non-standard port for
> ssh to access ssh (give no reply to those who knock on the normal port
> and respond to only your special "knock" on your non-standard port).
> 3. Have a constant background scan done for virus, root kit, e-mail,
> changes in critical files, port scan, log files (logwatch), and
> audits for suspicious activity. This can and should be "niced" to not
> interfere with normal operations.
> 4. Google "pen testing". C/o osstmm.
> 5. Honeypots!
> 6. Back up your "used" areas often and in a number of different ways.
> I use flash drives, CDs, and other portions of the local or remote
> hard drives. I also tend to put an occasional file in an obscure
> e-mail account. Be ready to "wipe and re-load" efficiently. I have
> played with the idea of using "ghosted" "snapshots" for this purpose
> but have only taken that to the idea level. Tar is becoming a friend.
> 7. Do planned "wipe and re-loads" several times a year. For that
> matter, if you simply save your used areas and then wipe and load the
> new version of your distro when it comes out that is probably enough.
> Be ready to restore to where you were if you need to.
>
> Ok, I lied - the one link I will give you has some very good ones at
> the end. Note the crazy quotes and the interesting message box near
> the end:
>
> http://en.wikipedia.org/wiki/Computer_security

You forgot one very important item. Whatever you do, don't be paranoid...unless someone is really out to get you.