---

LinuxSecurity.com: LinuxSecurity.com Releases the Linux Security Quick Reference Card

[ Thanks to Dave
Wreski
for this link. ]

“This Quick Reference Card is intended to provide a starting
point for improving the security of your system. Contained within
include references to security resources around the net, tips on
securing your Linux box, and general security information. It is
intended to be printed on 8×11″ US paper in Landscape.”

“Using the lsattr and chattr commands, administrators can modify
characteristics of files and directories, including the ability to
control deletion and modification above what normal chmod provides.
The use of “append-only” and “immutable” attributes can be
particularly effective in preventing log files from being deleted,
or Trojan Horses from being placed on top of trusted binaries.
While not a guarantee a system file or log won’t be modified, only
root has the ability to remove this protection. The chattr command
is used to add or remove these properties, while the lsattr can be
used to list them.”

“There should never be a reason for user’s to be able to run
setuid programs from their home directories. Use the nosuid option
in /etc/fstab for partitions that are writable by others than root.
You may also wish to use the nodev and noexec on user’s home
partitions, as well as /var, which prohibits execution of programs,
and creation of character or block devices, which should never be
necessary anyway. See the mount man page for more information.”


Complete Story

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis