Re: securing centos 5.2 for public usage

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Roland RoLaNd wrote:
>
> i Just finished setting up an apache service on a centos 5.2 VM machine.
>
> i need to secure this machine as i'm soon to be setting a public IP over
> it where i'd be opening up the following services:
>
> 1. http
> 2. https
> 3. ssh
>
>
> Things i've done so far:
>
> 1. stopped root ssh access in sshd.conf
> 2. tried configuring PAM so i get a more secure ssh passwords (dictionary
> wise) as well as tried setting up a 2 times authentication failure for the
> account to be disabled for 12 hours (i couldnl't succeed in setting this
> up)
> 3. disabled port forwarding (to deny outsiders to tunnel through the
> server inside my network) couldn't succeed with this either.
>
Well, you could set selinux enforcing (AUGH!!!). Another possibility is
run Bastille Linux on it to harden it. I really like the latter - I used
it to harden an old system of mine, first Redhat 7.x, then Redhat 9 (yes,
this is years ago), and used that as my firewall/router, and in something
like 9 years online, on broadband, to the best of my knowledge, I never
had an intrusion.

              mark

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux