Linux Today: Linux News On Internet Time.

RootPrompt.org: Securing Linux Mandrake

Aug 21, 2000, 13:47 (0 Talkback[s])
(Other stories by Ranger Rick)

[ Thanks to Noel for this link. ]

"As Linux Mandrake works it's way away from it's Red Hat roots, they've added a number of features "out of the box" that make it easier to use as a server. However, there are still a number of things that I do before considering a new install "ready" to be configured for offering any services. I recently had to put together a list of things that I normally do after installation for my employer, and I figured I would pass this information along to RootPrompt in the hopes that it will help someone else. Despite the fact that this is geared towards Mandrake, most of this should apply with very few changes to almost any distribution."

"One of the nicest things about the newest Mandrake releases is a better emphasis on security. One thing I really like that isn't present in RedHat is the 'secure' versions of the kernel, which includes some of the optional third-party patches for locking down Linux, the most notable being the 'OpenWall' patches, that help prevent buffer overflows and /tmp race-condition hacks, as well as restricting access to fifos and the /proc filesystem. For a complete rundown of what it does, see the README."

"While it's not really security-related, another nice thing that Mandrake supports out of the box, is the new ReiserFS filesystem. It offers journaling, and a btree-based structure that promises to speed things up as well as use less space."

Complete Story

Related Stories: