Just installed DA so what now ?

O

ozgurerdogan

Verified User
Joined
Apr 20, 2008
Messages
347
Hello guys, I just installed DA and want to learn what steps I must take to have a secure server? Do I have to first make security stuff or I should make it at last step ? What steps do you recommend to do for securtiy, update, spam, antivirus? Does it matter which steps taken first and last?

Any comment will be helpfull.
Thanks
 
Hi,
You will get more specific responses if you include your OS but i'll guess at UNIX and propose a few things you could do to increase security;
- Disable direct root access (instead add a user e.g. admin to the wheel/super user group)
- Restrict user access to certain files/folders/functions such as w, who, /etc/group, /etc/passwd, /etc/rc.conf
- Restrict users from viewing processes belonging to another UID
- Look at third party software such as Ossec HIDS to suppress brute force attacks/exploit scanning
- Enable a firewall to adopt a 'block all except' policy (there are posts on this forum to help with example rulesets)

That's only a snapshot really, much more info would depend on your particular operating system
 
Thank Rich-Boy,
I will consider all in list. Even I am new at linux I will need to google for these two:

- Restrict user access to certain files/folders/functions such as w, who, /etc/group, /etc/passwd, /etc/rc.conf
- Restrict users from viewing processes belonging to another UID

Do you have a correct way for instruction ?
Thanks
 
So it is linux your running? If so what flavour? To be honest i'm much more experienced with FreeBSD so i'm not sure of a UID obscurity fix you could implement inside Linux but restricting access is just a matter of chmodding;

chmod 700 /usr/bin/w
chmod 700 /usr/bin/who
chmod 700 /etc/group

Be careful of restricting too much access though because you woulnd't want to leave users not being able to change their password -- just try a few things out and afterwards test to see if users can still perform all the nececary actions.
 
You must log in or register to reply here.
Back
Top