SecurityFocus.com: Securing Linux
Apr 02, 2000, 23:54
(Other stories by Dale Coddington)
"The purpose of this paper is to describe necessary measures that should be taken in order to secure a default Linux installation. Most default installations of Linux are grossly insecure. This paper focuses on methods that can be used not only to secure a machine with a high degree of confidence, but still allow your users to be able to accomplish their work."
"This paper does not cover procedures for securing a machine that is already on a network. As a rule, no machine should be placed on any network prior to its having been secured against local and remote attack. If a machine has already been compromised, none of the following procedures will improve the system's security. In most cases, depending on the skill of the intruder, the machine will likely already be trojaned or backdoored. Applying the following security procedures on such a machine would only provide a false sense of security."
"As a firm adherent to the philosophy of proactive security, the author does not recommend any attempt to 'back-track' and attempt to secure machines that are already in place. It is best to freshly re-install and secure these machines from scratch. After all, it only takes one compromised machine to shatter the security posture of one's entire network."