On 10/26/10 11:16, Damien Hull wrote:
> I've spent the past few days making sure I get the right info from my server
> and locking it down. Sending this to the list to see if anyone can poke
> holes in my thinking or add anything I've left out.
>
> 1. Ubuntu 10.04 server - Web server with Apache
> 2. Logwatch for daily email on log files
> 3. Logcheck for an hourly analysis of important log info
> 4. tripwire to make sure nothings been changed
> 5. portsentry to keep out the bad guys
> 6. keys for ssh login. No more password logins
>
> The next step is to configure iptables / netfilter to close unused ports. If
> anyone can think of anything I've left out let me know. I don't want to be
> the IT guy that let hackers break into my web server.
I'd spend some time locking down Apache (only load necessary modules,
check directory permissions) as well as PHP if you're using it.
--
Tom
======================================================================
"Z-80 system stack overflow. Shut 'er down Scotty, the system's
sucking mud" - Error message on TRS 80 Model-16B
Tom Simes simestd@netexpress.com
======================================================================
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Tue Oct 26 11:29:23 2010
This archive was generated by hypermail 2.1.8 : Tue Oct 26 2010 - 11:29:23 AKDT