TechRepublic|Forums|Linux

Linux

General discussion

  • Creator
    Topic
  • May 13, 2005 at 4:58 am #2187640

    Securing Red Hat ES v3.0

    Locked

    by dwattel · about 18 years, 11 months ago

    I am working on an Red Hat ES v3.0 server with lotus domino 6.5.4. This server will be colocated at an ISP. This server needs a very good security.
    Can anyone help me with this?

    Topic is locked This conversation is currently closed to new comments.
  • Creator
    Topic

All Comments

  • Author
    Replies
    • May 13, 2005 at 6:17 am #3257219

      Reply To: Securing Red Hat ES v3.0

      by k12linux · about 18 years, 11 months ago

      In reply to Securing Red Hat ES v3.0

      Security is a process, however, here are some basic things you probably want to do. (I’m doing this via command line. There are RH specific GUI tools for much of this, however, you may not have installed some/any of them.)

      ** Disable un-needed services
      As root, at the command prompt type:
      netstat -lpunt
      to get a list of all services listening to the network and the program name. Note any that are not using a Local Address of 127.0.0.1 (that’s a strictly internal loopback interface.)

      Next do:
      chkconfig –list | grep on
      to see what services are started at bootup time. Try to match the programs you found using netstat against this list. (smbd/nmbd is the smb or samba service … windows networking.) Figure out which services you do not need and stop them with the command:
      service {service_name} stop
      then make sure your web apps still works correctly. (ie: service smb stop)

      To prevent the service from starting again on reboot use:
      chkconfig {service_name} off
      to remove it from system startup. (ie: chkconfig smb off )

      ** Disable root login via SSH
      Edit /etc/ssh/sshd_config and change the line
      PermitRootLogin yes
      to
      PermitRootLogin no

      You may have to uncomment the line it is on (delete the #)

      Restart SSH with:
      service sshd restart

      From this point on you will have to log in as a regular user and then use su – to become root.

      ** Set up the netfilter (IPtables) Firewall
      I’m running out of space, but there are tons of resources for this on the Internet. Try Google.

    • May 13, 2005 at 4:12 pm #3238268

      Reply To: Securing Red Hat ES v3.0

      by jmgarvin · about 18 years, 11 months ago

      In reply to Securing Red Hat ES v3.0

      1)Update the server with the latest security packages.
      2) Install Bastille Linux and follow the directions
      3) Fire up SELinux and set it to be pretty agressive
      4) Setup IPTables to block all ports you won’t be using
      5) Diable remote log-in by the default accounts (root, nobody, etc)
      6) kill all plain text services like telnet, rsh, etc
      7) Install Snort with ACID
      8) Install Snare
      9) Double check everything

      That should get you started. You need to do a lot more, but that will get you setup enough to get moving.

    • June 15, 2005 at 12:45 am #3174270

      Reply To: Securing Red Hat ES v3.0

      by rstals · about 18 years, 10 months ago

      In reply to Securing Red Hat ES v3.0

      If you are able and your employer (or your wallet) is willing I would highly reccomend taking the RedHat Certified Engineer course. My employer sent me on this (it was the most useful IT training I have experienced to date!). It gave me a greater insight to what happens ‘under the bonnet’.

      Also, if you are really serious about your server security why not consider contracting a security specialist?

    • September 18, 2005 at 7:18 am #3058920

      Reply To: Securing Red Hat ES v3.0

      by amit sharma · about 18 years, 7 months ago

      In reply to Securing Red Hat ES v3.0

      I am just UPDATING few things from the answer given by : K12LINUX

      QUOTE: “To prevent the service from starting again on reboot use:
      chkconfig {service_name} off
      to remove it from system startup. (ie: chkconfig smb off )”

      As quoted by K12LINUX… but in this case if you change your run-level, the stopped service will be active again. So make sure you switch off that service in all run-levels for better security.

      Use command:
      chkconfig –level 345 off

      It makes your defined service to switch off in all three run-levels defined above.
      Do makesure for confirmation.

    • October 18, 2005 at 3:13 am #3072483

      Reply To: Securing Red Hat ES v3.0

      by dwattel · about 18 years, 6 months ago

      In reply to Securing Red Hat ES v3.0

      This question was closed by the author

  • Author
    Replies
Viewing 4 reply threads