[CentOS] Hardening CentOS by removing "hacker" tools

Fri Jun 6 23:15:30 UTC 2008
Erik Bussink <mailinglist at bussink.ch>

On Fri, 2008-06-06 at 19:03 -0400, Filipe Brandenburger wrote:
> Hi,
> 
> My boss asked me to harden a CentOS box by removing "hacker" tools,
> such as nmap, tcpdump, nc (netcat), telnet, etc.
> 
> I would like to know which list of packages would you remove from a
> base install. I would appreciate if someone could point me to a
> "standard" way of doing this. I know there are procedures for
> hardening a machine (I remember reading about Bastille Linux) but I
> don't know how effective they are and if they include the removal of
> such tools in their procedures.
> 
> Any advice would be very appreciated!

Filipe,

Have a search on google for NSA Hardening RHEL5, you will find a very
good document (pdf) which will help you start you're hardening.

Regards,
Erik