> Anybody have any best practices/links to how to "lock down" RedHat? > Serverices to consider shutting off from the default install, etc. I've found the checklists and checking tools on www.cisecurity.org to be fairly good. The checking script gives a rating out of 10 as well, so you've got a nice metric for your boss. If anything it's too paranoid (e.g. it docks points for having a web-server installed, even if that's the whole point of the server existing), and I wouldn't expect to ever see a server get 10/10, due to operational requirements. However, it does at least raise the possible issues and lets you decide whether the tradeoff is worth it. As mentioned in other replies, it's still just a list of stuff that "anybody who's done unix for a while knows", but it's nice to see it written down, codified, and checked for. Craig ======================================================================= Attention: The information contained in this message and/or attachments from AgResearch Limited is intended only for the persons or entities to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipients is prohibited by AgResearch Limited. If you have received this message in error, please notify the sender immediately. ======================================================================= -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
