I just installed 6.2 on my server, and am now in the process of trying to
lock the box down.

I need to install the errata & updates (which I have already downloaded),
but I can't remember the command for the graphical RPM tool (Is it glint?)
(I ask for the graphical, as I am doing everything from remote X)...

I have tried running Bastille-linux on the box, but it chokes & fills up the
log until the partition is full...  I will make an attempt to fix this (I
may have some permissions set wrong).

I have been looking at the services & inet.conf files, & it looks like
there's a gob more stuff in there than there used to be.  I plan on
disabling everything, and then re-enabling the things I want, but maybe this
is excessive - What I want is samba (internal interface only), apache (all
interfaces), and some method of telnet and ftp (from all interfaces - I
understand that neither are secure, so how do I go about fixing this? - What
are issues I'll need to contend with for ssh?), POP from the internal
interface, and smtp from all interfaces.  I also plan to use this box as a
masquerading router.  Do I really need DNS for this?

Linuxconfig seems to not work really well, so I suppose I will do this all
by hand, so I could use all the help you friendly folks are willing to lend
me - Be patient, my work has made me slow & stoopid...

After I have the machine locked down, I will obviously want to add IPCHAINS
for the firewall & masq - Where is a good resource for this?  I also plan on
installing port sentry (I had this up before) - does anyone know of a way to
have sentry put locked out machines into the IPCHAINs scripts, so they
aren't lost after a reboot (As I recall, it puts some things into
hosts.deny, and others into temporary firewall rules)...  I also plan on
installing tripwire onto the system, but the version I have (sorry don't
remember which) is a little buggy with some filenames...  Is there a newer
version, and where can I get it (sorry, I forgot)?

The last thing I would like to do is throw in an automated log checking
daemon (or some such) so that I don't have to peruse a jillion MBs of logs
each day...  Preferably, this software would notify me by e-mail (random
account) of anything unusual going on...  What's a good package for this?

I have set up a couple systems in the past, but I have never tried to make
the box so paranoid as I want to make this new install...  (I had never had
a problem with my installation until I was recently hacked).

Thank you all again (in advance) for your help - I'm sorry if I come across
as more than a little dense - as I said, my work has me hopping lately.

Tom Burke
Sr. Electrical Engineer (Analog)
Northrop Grumman Space Systems

