On Sun, 2003-09-07 at 11:41, Jeff Lacki wrote:
> Yes, please give me the resources to look at or purchase.
> I'm very concerned over security issues as security, especially
> these days, is such a concern on the internet.

These are all free resources found on the Linux Documentation Project homepage. They are suggested reading, not necessarily in this order:

http://www.tldp.org/LDP/solrhe/Securing-Optimizing-Linux-The-Ultimate-Solution-v2.0.pdf
http://www.tldp.org/LDP/nag2/index.html
http://www.seifried.org/lasg/

Non-free but very good:

Building Secure Servers with Linux, O'Reilly, ISBN: 0596002173
Practical Unix & Internet Security, 3rd Edition, O'Reilly, ISBN: 0596003234

And some quick notes from yours truly:

- Always sandbox before putting into production.
- Never trust your users.
- Never trust anyone.
- Use encryption where available.
- Use encryption where unavailable (stunnel, ssh tunnelling).
- Chroot where possible.
- Block all by default, only allow what is absolutely needed.
- Sendmail is an SMTP server. It is used for delivery from server to server. If you have no intention of hosting your own mail exchanger, you don't need to allow inbound SMTP.
- If you *do* need to host your own mail, use an alternative SMTP server like Postfix or qmail.
- Outsource your services where possible (and trustworthy). Most folks have no reason to run their own DNS or SMTP servers. If you don't, and your ISP does, and you trust them... USE THEM.

Hopefully this will give you some ideas to get you started. I know that most of this is security-focused, but that's the idea. Whether it's software development or server deployment, most folks neglect proper security design from the ground up. It's always twice as hard and half as effective to "patch in" afterwards.

--
Jason Dixon, RHCE
DixonGroup Consulting
http://www.dixongroup.net