[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] 10 Steps To Securing A Server

Subject: Re: [cobalt-security] 10 Steps To Securing A Server
From: "Nico Meijer" <cobalt-users@xxxxxxxxxxxxxxx>
Date: Thu, 29 Mar 2001 11:59:03 +0200
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi Glen,

> I am in the process of securing two webservers (a RaQ2 and a RaQ3), but I
> would like some advice on just what I should be installing.  So far, I
have
> installed Logcheck and SSH and wondering what to do next.  PortSentry
seems
> a popular choice- is this the way to go?

It can be, yes. It can also be a very scary tool as you see all sh*t that
happens to your machine.

I prefer a very strict ipchains approach: disable everything and then start
enabling only the things you need.

For example, if you are going to server ftp to the world, you should only
open up ports 20 & 21. If it's only to be accessible from one or a few IP's,
open 20/21 up to those IP's only. It is all possible.

Portsentry does a great job and can perform it's locking thru ipchains. If
you are not proficient enough with ipchains, go for portsentry first and
then read up on anything that's firewall related.

Two good starting points might be
http://ldp.nllgg.nl/HOWTO/Firewall-HOWTO.html and
http://ldp.nllgg.nl/HOWTO/IPCHAINS-HOWTO.html.

Good luck... Nico

References:
- [cobalt-security] 10 Steps To Securing A Server
  - From: Glen Scott

Prev by Date: [cobalt-security] 10 Steps To Securing A Server
Next by Date: RE: [cobalt-security] 10 Steps To Securing A Server
Previous by thread: [cobalt-security] 10 Steps To Securing A Server
Next by thread: RE: [cobalt-security] 10 Steps To Securing A Server

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index