On that subject, it's worth considering that many installations are not terribly "secure" right out of the box. For example, SSH allows protocol version 1 and remote root logins by default on Centos. Many admins consider this to be rather insecure - some have no problem with it in their environments. Whatever services you do need, it would be worth auditing all of their config files. Greg On Thu, 27 Jan 2005 15:33:47 -0400, Joe Polk <listuser at javelinux.com> wrote: > It's not a question of what "users" to delete by default. Most default user > accounts are there for a specific task. Think about what services you don't > intend to use. Stop those daemons from running on boot and kill the > corresonding account for them. My experience is that there are very few > accounts that would need to be removed. Services are more important to focus on. > > -- > <<JAV>> > > > ---------- Original Message ----------- > From: Håvard Hebnes <centos at kral.no> > To: "'CentOS discussion and information list'" <centos at caosity.org> > Sent: Thu, 27 Jan 2005 17:57:38 +0100 > Subject: RE: [Centos] Secure server install > > > Yes, it will handle mail (qmail, stores in /var/qmail), mysql, www > > sites /home > > > > Will use Plesk as CP > > > > Think your example looks good. Have you any suggestions to which > > default users I should delete? > > > > /Håvard > > > > -----Original Message----- > > From: centos-bounces at caosity.org [mailto:centos-bounces at caosity.org] > > On Behalf Of Beau Henderson Sent: 27. januar 2005 17:49 To: CentOS > > discussion and information list Subject: Re: [Centos] Secure server install > > > > Well now that really depends on what your going to have installed on > > the server. Will it handle mail? mysql or other databases ? web > > serving, etc ? Will you have any control panel system installed on > > this system ? > > > > Here's an example of one of my systems which handles everything: > > > > /dev/hda6 1012M 238M 723M 25% / > > /dev/hda1 244M 21M 210M 9% /boot > > /dev/hda7 91G 19G 68G 22% /home > > none 1004M 0 1004M 0% /dev/shm > > /dev/hda5 2.0G 33M 1.8G 2% /tmp > > /dev/hda2 9.7G 2.9G 6.3G 31% /usr > > /dev/hda3 9.7G 1.8G 7.5G 19% /var > > > > Generally a 512 - 1 GB is enough for tmp. The size of each really > > depends upon what software you'll have installed and where it places > > its files. > > -- > > Beau Henderson > > http://www.iminteractive.net > > > > On Thu, 27 Jan 2005 17:41:30 +0100, Håvard Hebnes <centos at kral.no> wrote: > > > Any recomendations how big they should be? Have 160GB to use.. > > > > > > Thanks, > > > > > > regards > > > Håvard > > > > > > -----Original Message----- > > > From: centos-bounces at caosity.org [mailto:centos-bounces at caosity.org] On > Behalf Of Beau Henderson > > > Sent: 27. januar 2005 17:36 > > > To: CentOS discussion and information list > > > Subject: Re: [Centos] Secure server install > > > > > > On our web hosting servers, we generally use: > > > / > > > /tmp > > > /var > > > /usr > > > /boot > > > swap > > > /home > > > > > > Not necessarily in the above order. > > > > > > -- > > > Beau Henderson > > > http://www.iminteractive.net > > > > > > On Thu, 27 Jan 2005 07:30:34 -0600, Benjamin J. Weiss > > > <benjamin at birdvet.org> wrote: > > > > Håvard Hebnes wrote: > > > > > > > > >Not sure if this is the right place to ask, but I'll try. > > > > > > > > > >When I do a minimum install of Centos, which default users should I > delete (users that won't be needed on > > a > > > > >server) It will be used for webhosting, mail, sql.. And, what > partitions would you advice me to create? > > > /root, > > > > >/tmp, swap, /... should I have more? > > > > > > > > > > > > > > > > > > > I don't usually create a seperate /root. The partition structure I > > > > usually go with is: > > > > > > > > /boot > > > > /tmp > > > > /var > > > > / > > > > swap > > > > > > > > And some people throw in /home. > > > > > > > > Ben > > > > _______________________________________________ > > > > CentOS mailing list > > > > CentOS at caosity.org > > > > http://lists.caosity.org/mailman/listinfo/centos > > > > > > > _______________________________________________ > > > CentOS mailing list > > > CentOS at caosity.org > > > http://lists.caosity.org/mailman/listinfo/centos > > > > > > _______________________________________________ > > > CentOS mailing list > > > CentOS at caosity.org > > > http://lists.caosity.org/mailman/listinfo/centos > > > > > _______________________________________________ > > CentOS mailing list > > CentOS at caosity.org > > http://lists.caosity.org/mailman/listinfo/centos > > > > _______________________________________________ > > CentOS mailing list > > CentOS at caosity.org > > http://lists.caosity.org/mailman/listinfo/centos > ------- End of Original Message ------- > > _______________________________________________ > CentOS mailing list > CentOS at caosity.org > http://lists.caosity.org/mailman/listinfo/centos >