Securing the Llinux OS - Linux

This is a discussion on Securing the Llinux OS - Linux ; Hi guys I have a Red hat Linux 9 system running sendmail. 1. Can someone guide me how to enable and disable all the log files in the system 2. How to enable/disable remote telnet login for some specific users. ...

+ Reply to Thread
Results 1 to 8 of 8

Thread: Securing the Llinux OS

  1. Securing the Llinux OS

    Hi guys
    I have a Red hat Linux 9 system running sendmail.

    1. Can someone guide me how to enable and disable all the log files in the
    system
    2. How to enable/disable remote telnet login for some specific users.
    3. Is there any documents or "Free" books online for securing the Linux
    Operating System.

    Thanks,
    Linux User



  2. Re: Securing the Llinux OS

    Linux User wrote:
    >
    > 1. Can someone guide me how to enable and disable all the log
    > files in the system


    Why would you want to disable the system logs?

    > 2. How to enable/disable remote telnet login for some specific
    > users.


    First thing is to un-install telnet. It is a security risk. Use
    ssh instead if you need remote access.

    # touch /root/.rhosts /root/.netrc /etc/hosts.equiv
    # chmod 0 /root/.rhosts /root/.netrc /etc/hosts.equiv

    > 3. Is there any documents or "Free" books online for securing
    > the Linux Operating System.


    This one might be helpful. A couple of the links are for PDF copies.

    http://www.google.com/linux?hl=en&lr...=Google+Search

    --
    Confucius: He who play in root, eventually kill tree.
    Registered with The Linux Counter. http://counter.li.org/
    Slackware 9.1.0 Kernel 2.4.22 i686 (GCC) 3.2.3
    Uptime: 1 day, 7:42, 1 user, load average: 2.01, 2.05, 2.04


  3. Re: Securing the Llinux OS

    "Linux User" wrote in message
    news:mrEfb.389$H5.66275443@newssvr21.news.prodigy. com


    > I have a Red hat Linux 9 system running sendmail.
    > 1. Can someone guide me how to enable and disable all the log files
    > in the system


    This has all the makings of a troll, but I'll bite briefly:

    If you wish to secure a system, disabling logging is the surest way to fail,
    as you won't have any idea whatsoever what's happening on the system.

    > 2. How to enable/disable remote telnet login for some specific users.


    Disable telnet for *everybody* by not even running the telnet service. Use
    sshd/ssh instead.

    > 3. Is there any documents or "Free" books online for securing the
    > Linux Operating System.


    More than you can count. Do a simple web search such as
    http://www.google.com/search?q="securing+linux"


    tony

    --
    use hotmail com for any email replies



    -----= Posted via Newsfeeds.Com, Uncensored Usenet News =-----
    http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
    -----== Over 100,000 Newsgroups - 19 Different Servers! =-----

  4. Re: Securing Linux (was: Re: Securing the Llinux OS)

    ["Followup-To:" header set to comp.os.linux.]

    Linux User graced us by uttering:
    > Hi guys
    > I have a Red hat Linux 9 system running sendmail.
    >
    > 1. Can someone guide me how to enable and disable all the log
    > files in the system


    Part of running a secure OS is to keep logs of all that happens
    on it. And since all your logs should be rotated, compressed,
    and eventually removed automatically, this path can only lead to
    compromised security of your Linux system.

    > 2. How to enable/disable remote telnet login for some specific
    > users.


    Disable telnetd or in.telnetd in your xinetd.conf file. IOW, DO
    NOT RUN IT.[*] Configure your sshd and tell your users to use
    it. Reading the sshd_config manpage will tell you how to limit
    the users who may login via ssh.

    > 3. Is there any documents or "Free" books online for securing
    > the Linux Operating System.


    Red Hat (thus far) has aimed to be a desktop distribution and
    does not have a strong sense of security, though it is still
    possible. Aside from that, I can't help you much w/
    documentation, aside from recommending you install the manpage
    rpms from your installation disk. (IIRC, they're not installed by
    default.)
    [*] The telnet client itself has man uses aside from obtaining
    remote shell access. Keep it around. telnetd is the real
    security issue. Remove it.

    HTH,
    Tim Hammerquist
    --
    No violence, gentlemen -- no violence, I beg of you! Consider the furniture!
    -- Sherlock Holmes

  5. Re: Securing the Llinux OS

    Do a search for `Security Enhanced Linux' or SELinux.

    George

    "Linux User" wrote in message
    news:mrEfb.389$H5.66275443@newssvr21.news.prodigy. com...
    > Hi guys
    > I have a Red hat Linux 9 system running sendmail.
    >
    > 1. Can someone guide me how to enable and disable all the log files in the
    > system
    > 2. How to enable/disable remote telnet login for some specific users.
    > 3. Is there any documents or "Free" books online for securing the Linux
    > Operating System.
    >
    > Thanks,
    > Linux User
    >
    >




  6. Re: Securing the Llinux OS

    Linux User wrote:
    > 1. Can someone guide me how to enable and disable all the log files in the
    > system


    man syslog.conf

    > 2. How to enable/disable remote telnet login for some specific users.


    Use /bin/false as shell (or even nicer: /bin/passwd) for users without
    shell login.

    > 3. Is there any documents or "Free" books online for securing the Linux
    > Operating System.


    Unfortunately there is no Linux Operating System. There are only a Linux
    kernel and some people who're using different add-ons to create an OS
    by creating a distribution.

    If you mean "hardening" with "securing", then try to remove/stop every
    software you don't need with your system. Then use security scanners
    like nessus and fix the holes. And keep up to date with new security
    holes, i.e. by reading the CERT announcements and bugtraq.

    If you mean "making secure" with "securing", then learn to understand
    everything what your machine is doing. Then change it until you cannot
    see any possibility to break in anymore. Then think about social
    engineering attacks and your weakness about them and other
    possibilities for compromizing your security again. Then you're
    appreciating that security is a process you need a concept for, and
    not "I'm reading some texts and there I can read how to build
    security".

    Perhaps you mean hardening, I guess.

    VB.
    --
    X-Pie Software GmbH
    Postfach 1540, 88334 Bad Waldsee
    Phone +49-7524-996806 Fax +49-7524-996807
    mailto:vb@x-pie.de http://www.x-pie.de

  7. Re: Securing the Llinux OS

    "Linux User" wrote in message news:...
    > Hi guys
    > I have a Red hat Linux 9 system running sendmail.
    >
    > 1. Can someone guide me how to enable and disable all the log files in the
    > system
    > 2. How to enable/disable remote telnet login for some specific users.
    > 3. Is there any documents or "Free" books online for securing the Linux
    > Operating System.
    >
    > Thanks,
    > Linux User


    Take a look at Bastille for systems hardening. All your other
    questions can be answered in 5 seconds by using an internet search
    engine. C'mon - show at least a little initiative!

    -
    Give a man a fish and you have fed him for today. Teach him how to use
    the 'net, and he won't bother you for weeks!
    - Anon

  8. Re: Securing the Llinux OS

    For securing linux these basic things that u should remember

    1. Make password hard.
    2. Remove unwanted services from xinetd
    3. Apart remove the daemaon and put off using ntsysv
    4. Implement firewall
    5. Checks logs
    6. Implement tcp wrappers
    7. put daemon in chkroot jail

+ Reply to Thread