Re: [Hampshire] Server Security

Author: Damian Brasher
Date:  
To: Hampshire LUG Discussion List
Subject: Re: [Hampshire] Server Security
Roger Munford wrote:

> I am helping a friend set up an Ubuntu server for his business. However,
> I am very concerned about security and am worried about inadvertently
> introducing security holes.
>
> Is there a good book or any recommended websites/tutorials that I could
> read? Something like "10 things you must always do" and "10 of the
> biggest mistakes to avoid" would be excellent.
>


Generally:

1) Choose strong passwords, especially for root.
2) Check your iptables firewall rules match the ports required for services.
3) If you have WAN internet-facing services then pay special attention to their
security, e.g. for an SMTP server make sure open relaying is switched off, and so on.
4) Do not allow direct root access to SSH; create user accounts and consider
using /etc/sudoers. Consider switching to a different port number.
5) Use SELinux if possible (especially if running a webserver); if you need
to use a custom policy it may be worth spending some time on this.
6) Ensure user accounts are added only to service specific groups.
7) Install a rootkit checker like rkhunter and run it regularly.
8) Ensure you check log files regularly for any spurious activity.
9) Don't edit configuration files without backing them up or making note of
changes you have made.
10) Be consistent, be creative (but test creative configuration before
production), and finally write documentation as you go; it can be as simple as
you like but will save you lots of time in the future.

Others will have many more tips and tricks but these are the general rules I
use.

Damian

--
http://www.diap.org.uk - distributed archive storage system under development.
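As an added example (not part of Damian's post or the diap.org.uk project), a small POSIX shell audit for tips 2 and 4: it lists listening ports that the INPUT chain never accepts, and reads the effective sshd setting the way sshd does (first uncommented keyword wins). The `ss`, `iptables` and sshd_config samples embedded in it are constructed for offline use.

```shell
#!/bin/sh
# Added example (not from the post): offline audit for tips 2 and 4 using
# captured text. On a real host replace the constructed samples below with
# the output of `ss -Hltn`, `iptables -S INPUT` and /etc/ssh/sshd_config.

# Constructed sample of `ss -Hltn` (listening TCP sockets)
SAMPLE_SS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 50 0.0.0.0:3306 0.0.0.0:*
LISTEN 0 128 127.0.0.1:25 0.0.0.0:*'

# Constructed sample of `iptables -S INPUT` (default-drop INPUT chain)
SAMPLE_RULES='-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT'

# Constructed sample sshd_config, with a commented-out duplicate keyword
SAMPLE_SSHD='Port 22
PermitRootLogin yes
#PasswordAuthentication yes
PasswordAuthentication no'

# unfirewalled_ports SS_TEXT RULES_TEXT (tip 2): prints each non-loopback
# listening port that has no "--dport N -j ACCEPT" rule in the INPUT chain.
unfirewalled_ports() {
    printf '%s\n' "$1" |
    awk '$4 !~ /^127\./ && $4 !~ /^\[::1\]/ { n = split($4, a, ":"); print a[n] }' |
    sort -un |
    while read -r port; do
        printf '%s\n' "$2" | grep -q -- "--dport $port -j ACCEPT" || echo "$port"
    done
}

# sshd_effective CONFIG_TEXT KEY: sshd honours the FIRST uncommented
# occurrence of a keyword, so a hardening line appended later is ignored.
# Prints "unset" if the keyword never appears (compiled-in default applies).
sshd_effective() {
    printf '%s\n' "$1" |
    awk -v k="$2" 'tolower($1) == tolower(k) { print $2; found = 1; exit }
                   END { if (!found) print "unset" }'
}

# root_ssh_disabled CONFIG_TEXT (tip 4): true only for an explicit "no"
root_ssh_disabled() { [ "$(sshd_effective "$1" PermitRootLogin)" = "no" ]; }

echo "Listening ports with no ACCEPT rule:"; unfirewalled_ports "$SAMPLE_SS" "$SAMPLE_RULES"
root_ssh_disabled "$SAMPLE_SSHD" || echo "PermitRootLogin is not 'no': direct root SSH login allowed"
```

On the samples it reports port 3306 (bound to all interfaces with no ACCEPT rule) and flags that root login is still permitted; the loopback-only port 25 is deliberately skipped.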
