Re: Securing Fedora Core 4

A good idea is patching the kernel with grsecurity 
(http://www.grsecurity.net/)

Just my 2 cent.


AragonX a écrit :

> I am trying develop a method to secure my servers.  I'll list the steps I
> am going to take.  Can you please review and make any additional
> suggestions.  Thank you.
>
> Install & configure Tripwire        http://sourceforge.net/projects/tripwire/
> Install & configure Snort   http://www.snort.org/
> Install & configure Bastille        http://www.bastille-linux.org/
> Install & configure LIDS    http://www.lids.org/
> Install & configure modsecurity     http://www.modsecurity.org/
> Install & configure chkrootkit      http://www.chkrootkit.org/
> install dansguardian            http://www.dansguardian.org
> install squid                   http://www.squid-cache.org/
> Install & configure DCC             http://www.dcc-servers.net
> Install & configure Pyzor   http://pyzor.sourceforge.net
> Install & configure Razor   http://razor.sourceforge.net
> install & configure Clamav  http://www.clamav.net
> Install & configure MailScanner     http://www.sng.ecs.soton.ac.uk/mailscanner/
> Install & configure Ntop    http://www.ntop.org/
> Install & configure Spamassassin    http://spamassassin.apache.org/
> install root access email command
> create a seprate /tmp partition and mount noexec, nosuid
>
>   Configure Apache
> configure for php safe mode
> configure /internal web directory w/ access from private network only
> configure /external web directory w/ password authentication
>
>   Configure SSH
> respond on alternate port
> only allow me to logon
>
>   Configure Fireall:
> only allow access to ssh from my domains
>
>
>
>
>