Re: Locking down RedHat

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Is it a good idea to put a web server in a root jail? How would you go about
doing that?

On 10/25/05, Miskell, Craig <Craig.Miskell@xxxxxxxxxxxxxxxx> wrote:
>
>
> > Anybody have any best practices/links to how to "lock down" RedHat?
> > Serverices to consider shutting off from the default install, etc.
> I've found the checklists and checking tools on www.cisecurity.org<http://www.cisecurity.org>to be
> fairly good. The checking script gives a rating out of 10 as well, so
> you've got a nice metric for your boss. If anything it's too paranoid
> (e.g. it docks points for having a web-server installed, even if that's
> the whole point of the server existing), and I wouldn't expect to ever
> see a server get 10/10, due to operational requirements. However, it
> does at least raise the possible issues and lets you decide whether the
> tradeoff is worth it.
>
> As mentioned in other replies, it's still just a list of stuff that
> "anybody who's done unix for a while knows", but it's nice to see it
> written down, codified, and checked for.
>
> Craig
> =======================================================================
> Attention: The information contained in this message and/or attachments
> from AgResearch Limited is intended only for the persons or entities
> to which it is addressed and may contain confidential and/or privileged
> material. Any review, retransmission, dissemination or other use of, or
> taking of any action in reliance upon, this information by persons or
> entities other than the intended recipients is prohibited by AgResearch
> Limited. If you have received this message in error, please notify the
> sender immediately.
> =======================================================================
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subjecthttps://www.redhat.com/mailman/listinfo/redhat-list


[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux