"This article starts off a series of articles geared towards securing your system. After being asked
plenty of times "How can I secure my system?" I figured it was time for a series like this one. These
articles are generally geared towards new users, but might serve as a reference to the experienced
too. Anyhow someone will benefit from these articles =)"
"Partitioning is often overlooked by many people, but play a key security role IMO. Any partitions that
do NOT need suid binaries, mount them with the nosuid option!
.../home, and /tmp are mounted with the nosuid option, this is because they do not
need to contain suid binaries. Some local exploits, will throw a suid binary into /tmp, and can lead to
a local compromise within a blink of the eye. This will stop that."
"Local security is often overlooked, I will cover some local security issues below. The first topic I will
cover is your BIOS, this should be passworded, no exceptions.
... You should also set your boot sequence to
"C Only" and change it when needed, the purpose for this is so that a local cracker cannot use a
boot disk to start and mount your file-system.
You should also password LILO. to do this open /etc/lilo.conf in a text editor, and add a
password=XXX entry..."
