Jean-Paul Lacquement wrote:
Hi,
I plan to secure my Debian stable (or testing if you say it's better) server.
I already did the followings:
- installed chkrootkit
- installed fail2ban (for ssh and proftpd)
- allow only one user (not root) via /etc/ssh/sshd_config, only ssh v2
The followings daemon are installed :
- proftpd
- apache2
- ssh
Would you please list me which packages to install and which rules to apply ?
Many thanks,
Jean-Paul
Hi
Just remember less (installed software) means more security. So go for
the minimalist installation achievable.
You may also want to look at software like
rkhunter
aide
logwatch
logcheck
checksecurity
tiger
unhide
Modsecurity for apache (1&2)
If you using SNMP, natuarally V3 would be a good idea
If you using ftp, cant you opt for ssh rather, you can even use chroot
for ssh.
I always use testing. And have had great success. (Recently, I was able
to achieve PCI compliancy)
O, for ssh password as some ASCII too example.
tryAnd_H4ckTh1s5
I dont see the need to iptables rules, but in case you do have the need,
rather look at xtables.
http://jengelh.medozas.de/projects/xtables/
All the best
Brent Clark
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]