On Mar 11, 2009, at 7:05 PM, Scott Radvan wrote:
Hi all,
I have built HTML and PDF versions of the very-nearly-finished
Security
Guide, which has its focus on Fedora and is on its way to being
available in the upcoming 11 release.
I thought there may be some members of this list who would like to
take
a look at it.
Any reviewers/comments at all are of course more than welcome.
http://sradvan.fedorapeople.org/Security_Guide/en-US/
Wouldn't the mention of fail2ban be appropriate? My servers with
public IP addresses get hundreds of failed login attempts per day
unless I use iptables to block repeat offenders.
Isn't 'PermitRootLogin no' the default for sshd?
I think a short "don't disable SELinux when things go awry" section
with pointers to policy booleans and setroubleshoot would be
appropriate. Dan Walsh's blog is a good SELinux resource without a
document reference.
http://iase.disa.mil/stigs/SRR/unix.html deserves a mention.
Good stuff,
joe
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
