Re: Updated Hardening guide.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

tuxxer wrote:

Beat me up again guys and gals.  ;-)

http://members.cox.net/tuxxer
http://members.cox.net/tuxxer/fedora-hardening-guide-whole-en.xml

XML also posted to bug #129957.

-Charlie


Hello Charlie

A quick review:

http://members.cox.net/tuxxer/ch-intro.html

I think you should just drop the first two sentences. If the current list of vulnerabilities would just keep growing then it would imply that Linux is getting more insecure everyday

" As more and more users start trying and using linux, it will become more and more important for the common user to know how to harden his or her system against these threats. The current list of vulnerabilities in linux systems will continue to grow as linux gains more momentum in the home desktop environment."

http://members.cox.net/tuxxer/services-gui.html#services-gui-2

sendmail - Sendmail is a Mail Transport Agent.

This deamon is also used to send critical mails to root users by default which also contains logwatch reports and other security related informatio. You typically should modify the MTA configuration to send mails to your normal user account instead of disabling it.

http://members.cox.net/tuxxer/gui-update.html

The "customizationn observation" note is better done as generic statement that applies to the whole of the document that everything is assumed to be in the default locations.

http://members.cox.net/tuxxer/userconfig-cli.html#userconfig-gui

" By default, the *User Manager* will filter all of the "unnecessary" users, by designating them as "default" or "system" users"

The system users cannot be called as unnecessary. They just arent required typically. If a system user is definitely not required in any of the potential roles then thats a packaging and security bug


http://members.cox.net/tuxxer/iptables-fw-config.html

SELinux is totally unusable for all practial purposes in FC2. Just drop the following sentence which also contains a mispelled word. You might want to run your document through a spell checker after every major revision. "It will also allow you to change the SELinux settings, however that discussion is currentply outside of the scope of this document"

http://members.cox.net/tuxxer/ch-bibb-n-refs.html

All of these websites should be hyperlinks

regards
Rahul









--

fedora-docs-list@xxxxxxxxxx
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-docs-list
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Red Hat 9]     [Yosemite News]     [KDE Users]

  Powered by Linux