Thanks a lot for these steps. I will follow them and hope to find all up and running.
On 23/02/2012 09:41 PM, John R Pierce wrote:
On 02/23/12 11:05 AM, Wuxi Ixuw wrote:
Please suggest one, as I keep googling and all the results bring up books dealing with Linux as a real server and not a VPS.
you could do worse than starting here... http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Security_G...
VPS and real hardware work exactly the same once the software is installed.
my base level suggestions:
- start with a *minimal* install of the latest release (currently 6.2)
- create your user account, give both user and root account different secure passwords
- secure the SSH server (no root, key instead of password authentication, only allow ssh from your home/office networks or a few secure 'bastion' hosts, etc)
- yum update right after install and reboot
- install *just* the services you need, only from trustworthy yum repositories
- secure the services you install as appropriate
- document your configuration, including what packages you needed to install
- script a secure backup of your configuration-specific conf and data files to reliable offsite storage.
- plan on regular yum updates, and staying up on security alerts, such as CERT
by far the biggest threat to servers is things installed on top of them, like web applications... for instance the very popular WordPress has a long and checkered history of security exploits, ranging from annoying to root elevation... http://www.wordpressexploit.com/
ANY user-written web code has to be designed with security in mind, no matter how insignificant your little web server is, it's valuable to the black hats as a proxy for their evil, and the worms and exploit scanners will find a wide range of poor design
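The SSH item in the checklist above (no root, keys instead of passwords, restricted source hosts) can be checked mechanically. This is an added example, not part of the original message: it audits `sshd_config` text, using the first value of each keyword and also inspecting `Match` blocks, which can quietly undo a hardened global section. It assumes the source restriction is expressed with `AllowUsers user@host` patterns (a firewall rule is an equally valid way to do it) and treats a missing `PermitRootLogin` or `PasswordAuthentication` as `yes`; the sample configuration, user name and addresses are constructed.

```python
import re

# Constructed sample (not from the thread): the global section is hardened,
# but a Match block re-enables password logins for one address.
SAMPLE = """\
PermitRootLogin no
PasswordAuthentication no
AllowUsers alice@192.0.2.* alice@bastion.example.org
Match Address 198.51.100.7
    PasswordAuthentication yes
"""

def parse(text):
    """Return [(match_criteria_or_None, {keyword: [values]})], global first."""
    sections = [(None, {})]
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and arguments are separated by whitespace and/or one '='.
        key, _, value = re.sub(r"[\s=]+", " ", line, count=1).partition(" ")
        if key.lower() == "match":
            sections.append((value, {}))
        else:
            sections[-1][1].setdefault(key.lower(), []).append(value.strip())
    return sections

def audit(text):
    """List deviations from: no root, key-only auth, pinned source hosts."""
    def first(opts, key, default):
        # sshd uses the first value it reads for a single-valued keyword.
        return opts.get(key, [default])[0].lower()

    sections = parse(text)
    glob = sections[0][1]
    findings = []
    if first(glob, "permitrootlogin", "yes") != "no":  # assumed default: yes
        findings.append("global: root login not disabled")
    if first(glob, "passwordauthentication", "yes") != "no":
        findings.append("global: password authentication enabled")
    patterns = " ".join(glob.get("allowusers", [])).split()
    if not patterns or any("@" not in p for p in patterns):
        findings.append("global: AllowUsers does not pin users to source hosts")
    for criteria, opts in sections[1:]:
        if first(opts, "permitrootlogin", "no") != "no":
            findings.append(f"Match {criteria}: root login re-enabled")
        if first(opts, "passwordauthentication", "no") != "no":
            findings.append(f"Match {criteria}: password authentication re-enabled")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)) or "no findings")
```

On a real host, `sshd -t` validates the file's syntax before a restart; this check only covers the three policy points from the list.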