I would recommend installing the bare minimum instead of the full install. After that
I would install the latest version of bind which is available at
updates.redhat.com/6.x/i386/bind-8.2.2_P3-1.i386.rpm.
Then configure your DNS zone files
Restart named
Then install ssh and use it instead of using telnet
Then install sentry
Then install tripwire
Then edit your hosts.deny to include ALL: ALL
Then edit your hosts.allow to only allow valid IP's to access this box.
If you don't want to go that route, then disable sendmail, http, and any other
services you're not going to use using the setup command.
Then comment out of the /etc/inetd.conf any services you're not going to use like pop,
imap, telnet, finger, etc and restart the inet server.
If you're looking for a single program to do this for you, there isn't one so you're
gonna have to just find all the holes in you box and seal them up. I've always found
it easier to just install the bare minimum when doing a new install then add the
packages I need later. The great thing about rpm is that each package will tell you
what dependecies it has and you can add services as you go without wasting disk space.
I might have left out some other services but you get the idea. I'm sure there are
others on the list that'll be able to give you even more info especially since I'm no
security expert but this should get you started.
Baysurf.net
Linux powered ISP
www.baysurf.net
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
