General discussion

Locked

Securing Red Hat ES v3.0

By dwattel ·
I am working on an Red Hat ES v3.0 server with lotus domino 6.5.4. This server will be colocated at an ISP. This server needs a very good security.
Can anyone help me with this?

This conversation is currently closed to new comments.

9 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by K12Linux In reply to Securing Red Hat ES v3.0

Security is a process, however, here are some basic things you probably want to do. (I'm doing this via command line. There are RH specific GUI tools for much of this, however, you may not have installed some/any of them.)

** Disable un-needed services
As root, at the command prompt type:
netstat -lpunt
to get a list of all services listening to the network and the program name. Note any that are not using a Local Address of 127.0.0.1 (that's a strictly internal loopback interface.)

Next do:
chkconfig --list | grep on
to see what services are started at bootup time. Try to match the programs you found using netstat against this list. (smbd/nmbd is the smb or samba service ... windows networking.) Figure out which services you do not need and stop them with the command:
service {service_name} stop
then make sure your web apps still works correctly. (ie: service smb stop)

To prevent the service from starting again on reboot use:
chkconfig {service_name} off
to remove it from system startup. (ie: chkconfig smb off )

** Disable root login via SSH
Edit /etc/ssh/sshd_config and change the line
PermitRootLogin yes
to
PermitRootLogin no

You may have to uncomment the line it is on (delete the #)

Restart SSH with:
service sshd restart

From this point on you will have to log in as a regular user and then use su - to become root.

** Set up the netfilter (IPtables) Firewall
I'm running out of space, but there are tons of resources for this on the Internet. Try Google.

Collapse -

by dwattel In reply to

Poster rated this answer.

Collapse -

by jmgarvin In reply to Securing Red Hat ES v3.0

1)Update the server with the latest security packages.
2) Install Bastille Linux and follow the directions
3) Fire up SELinux and set it to be pretty agressive
4) Setup IPTables to block all ports you won't be using
5) Diable remote log-in by the default accounts (root, nobody, etc)
6) kill all plain text services like telnet, rsh, etc
7) Install Snort with ACID
Install Snare
9) Double check everything

That should get you started. You need to do a lot more, but that will get you setup enough to get moving.

Collapse -

by dwattel In reply to

Poster rated this answer.

Collapse -

by rstals In reply to Securing Red Hat ES v3.0

If you are able and your employer (or your wallet) is willing I would highly reccomend taking the RedHat Certified Engineer course. My employer sent me on this (it was the most useful IT training I have experienced to date!). It gave me a greater insight to what happens 'under the bonnet'.

Also, if you are really serious about your server security why not consider contracting a security specialist?

Collapse -

by dwattel In reply to

Poster rated this answer.

Collapse -

by Amit sharma In reply to Securing Red Hat ES v3.0

I am just UPDATING few things from the answer given by : K12LINUX

QUOTE: "To prevent the service from starting again on reboot use:
chkconfig {service_name} off
to remove it from system startup. (ie: chkconfig smb off )"

As quoted by K12LINUX... but in this case if you change your run-level, the stopped service will be active again. So make sure you switch off that service in all run-levels for better security.

Use command:
chkconfig --level 345 <service> off

It makes your defined service to switch off in all three run-levels defined above.
Do makesure for confirmation.

Collapse -

by dwattel In reply to

Poster rated this answer.

Collapse -

by dwattel In reply to Securing Red Hat ES v3.0

This question was closed by the author

Back to Linux Forum
9 total posts (Page 1 of 1)  

Related Discussions

Related Forums