Security Quick-Start HOWTO for Linux

Hal Burgiss

hal@foobox.net

v. 1.2, 2002-07-21

Revision History
Revision v. 1.2	2002-07-21	Revised by: hb
A few small additions, and fix the usual broken links.
Revision v. 1.1	2002-02-06	Revised by: hb
A few fixes, some additions and many touch-ups from the original.
Revision v. 1.0	2001-11-07	Revised by: hb
Initial Release.

This document is a an overview of the basic steps required to secure a Linux installation from intrusion. It is intended to be an introduction.

Table of Contents

1. Introduction

1.1. Why me?
1.2. Copyright
1.3. Credits
1.4. Disclaimer
1.5. New Versions and Changelog
1.6. Feedback

2. Foreword

2.1. The Optimum Configuration
2.2. Before We Start

3. Step 1: Which services do we really need?

3.1. System Audit
3.2. The Danger Zone (or r00t m3 pl34s3)
3.3. Stopping Services
3.4. Exceptions
3.5. Summary and Conclusions for Step 1

4. Step 2: Updating

4.1. Summary and Conclusions for Step 2

5. Step 3: Firewalls and Setting Access Policies

5.1. Strategy
5.2. Packet Filters -- Ipchains and Iptables
5.3. Tcpwrappers (libwrap)
5.4. PortSentry
5.5. Proxies
5.6. Individual Applications
5.7. Verifying
5.8. Logging
5.9. Where to Start
5.10. Summary and Conclusions for Step 3

6. Intrusion Detection

6.1. Intrusion Detection Systems (IDS)
6.2. Have I Been Hacked?
6.3. Reclaiming a Compromised System

7. General Tips

8. Appendix

8.1. Servers, Ports, and Packets
8.2. Common Ports
8.3. Netstat Tutorial
8.4. Attacks and Threats
8.5. Links
8.6. Editing Text Files
8.7. nmap
8.8. Sysctl Options
8.9. Secure Alternatives
8.10. Ipchains and Iptables Redux

		Next
		Introduction

Copyright © 2010-2024 Platon Technologies, s.r.o. Home | Man pages | tLDP | Documents | Utilities | About

Design by styleshout