[CentOS] Security checklist for new Centos server?
mfioretti at mclink.it
Mon Jul 23 17:48:09 UTC 2007
On Sun, Jul 22, 2007 23:45:38 PM -0600, Stephen John Smoogen
(smooge at gmail.com) wrote:
> >> >- set up only ssh2 on a non standard port
> >I agree, but I have noticed in the past, and read in several places,
> >that it's not security through obscurity: its main usefulness would
> >not as much extra security as saving a bit of bandwidth and server
> >load from automated attacks with off the shelf scripts.
> denyhosts or fail2ban also can help that.
OK, I'll study their documentation and come back if I have specific questions on these tools. Related tips, tricks and comments are very welcome anyway, of course.
> >> Not knowing iptables and relying on a script usually ends up with
> >> lots of email to some firewall list about why I cant talk to my
> >> remote server anymore.
> >Of course, I wouldn't run such a script, or any new tool suggested in
> >this discussion, before being sure to understand what each line and
> >option does.
> >Any further feedback is welcome!
> Will try to send some iptables stuff later this week.
I really appreciate that! Thanks Steven!
Help *everybody* love Free Standards and Free Software!
More information about the CentOS