Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Linux
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Linux hardening

from [Christoph Gruber] Network Security [Permanent Link]
Subject: Re: Linux hardening
Date: Thu, 25 Aug 2005 10:54:37 +0200 
Am Sonntag, 21. August 2005 14:13 schrieb AragonX:

I had an intrusion on one of my servers and am in the process of 

hardening

it (after a reinstall).  I'm using Fedora Core 4.  I've taken all the
basic steps (shutting down unused services etc) and have done the
following:

Installed Smothwall on a separate box.
Installed & configured AIDE, Snort and chkrootkit


Ever tried tiger?
http://www.nongnu.org/tiger/
---Introduction

Tiger is a security tool that can be use both as a security audit and 
intrusion detection system. It supports multiple UNIX platforms and it 
is free and provided under a GPL license. Unlike other tools, Tiger 
needs only of POSIX tools and is written entirely in shell language. 

---END


Ran Bastille

I am in the process of configuring LIDS.  I'm using LIDS instead of
SELinux because it's easier for me to configure.

My next and final step will be to install mod_security.


I would suggest to use a static kernel without loadable modules.


Best regards

-- 
Christoph Gruber
2B OR (NOT (2B)) = FF
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Linux hardening, Jon Hart
Next by Date:  Re: SMB : TCP/445 impossible to sniff a document sent to be printed to a MS Spooler Server, no_spam
Previous by Thread:  Re: Linux hardening, AragonX
Next by Thread:  Re: Linux hardening, Daniel Margolis
Indexes:  [Date] [Thread] [Top] [All Lists]