I just use iptables to filter, disable all the services I don't need,
compile a custom kernel,
set openssh to version 2 only and don't accept pwds (in some cases only dsa-keys)
and check remotely with nmap/nessus to see what's still reachable
also try to make all services that are running and reachable not-show
their version.
so all manually, no tools that do the work for me.
regards,
Diederik
> Date: Wed, 22 May 2002 12:29:14 -0400
> From: "Fallon, Benjamin" <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: Linux Hardening
>
> Anyone know where I can find step-by-step documentation
> on Hardening RH Linux boxes? I usually just use Bastille
> Linux to do the hardening but I'd also like a better
> understanding to be able to also perform the task manually
> as well.
>
> Thanks,
>
> Ben
>
--
Lord of the Rings LITE(tm)
-- by J.R.R. Tolkien
Some guys take a long vacation to throw a ring into a volcano
One Unix to rule them all, One Resolver to find them,
One IP to bring them all and in the zone to bind them.
