On Fri, 2008-06-06 at 19:03 -0400, Filipe Brandenburger wrote:
Hi,
My boss asked me to harden a CentOS box by removing "hacker" tools, such as nmap, tcpdump, nc (netcat), telnet, etc.
I would like to know which list of packages you would remove from a base install. I would appreciate it if someone could point me to a "standard" way of doing this. I know there are procedures for hardening a machine (I remember reading about Bastille Linux) but I don't know how effective they are and if they include the removal of such tools in their procedures.
Any advice would be much appreciated!
Filipe,
Have a search on Google for NSA Hardening RHEL5; you will find a very good document (PDF) which will help you start your hardening.
Regards, Erik