At 02:07 PM 16/03/1999 -0800, RHS Linux User wrote: >I will be administrating a Red Hat 5.2 linux server in the near future. I >am not a linux expert and would like to know what the best program would >be to guard against hackers. Since I am not an expert, it is important >that the program be fairly manageable. I will be using the server as an >internet host for a small organization. > Your best bet is to start with the resources at http://metalab.unc.edu/mdw/HOWTO/Security-HOWTO.html. Also, check www.redhat.com's support page for the security updates. There are several affected packages. You probably will want to keep this machine *out* of graphics mode. I've heard from a number of sources that X servers are notorious for being security holes. Also, only log in as root if absolutely necessary. Log in as yourself and 'su' as needed to install programs. If you're doing a source install, only 'su' when you get to the 'make install' stage so you aren't creating programs with root privleges. What I've picked up (I'm neither a Linux nor a security expert) is that you can never make a system wholly hack-proof, you can simply make it increasingly difficult for the hacker to get in, make changes, and cover his tracks. Also, are you a member of a local Linux users' group? Most of the people in these groups are IS professionals. They've probably got their own tips and recommendations.
