[CentOS] securing centos 5.2 for public usage

Sat Sep 18 11:36:44 UTC 2010
Alexander Dalloz <ad+lists at uni-x.org>

Am 18.09.2010 12:08, schrieb Roland RoLaNd:
> 
> Dear all,
> 
> i Just finished setting up an apache service on a centos 5.2 VM machine.
> 
> i need to secure this machine as i'm soon to be setting a public IP over it where i'd be opening up the following services:
> 
> 
> 1. http
> 2. https
> 3. ssh
> 
> 
> Things i've done so far:
> 
> 1. stopped root ssh access in sshd.conf
> 2. tried configuring PAM so i get a more secure ssh passwords (dictionary wise) as well as tried setting up a 2 times authentication failure for the account to be disabled for 12 hours (i couldnl't succeed in setting this up)
> 3. disabled port forwarding (to deny outsiders to tunnel through the server inside my network) couldn't succeed with this either.
> 
> 
> Any help or advice would be greatly appreciated..
> 
> thanks,
> 
> --Roland

First of all, you should really update to CentOS 5.5 plus all the
additional package updates.

And then, there is a nice wiki page

http://wiki.centos.org/HowTos/OS_Protection

with lots of helpful information about your topic. Read it carefully,
and you will find a link to

http://www.nsa.gov/ia/_files/os/redhat/rhel5-guide-i731.pdf

with further tips to secure your system.

Alexander