[ Thanks to Jason R.
Fink for this link. ]
“Security is not nearly as hard as one might think. It has been
most administrator’s belief that pro-active security is actually
easier than say setting up a ip forwarding (which could be
considered an aspect of security). I believe it can be even easier
than that, from a systems perspective, security is pretty simple.
This article will gloss over the basic steps for system security
(since there are so many sites that already have all of this
information) and bring to light some other ideas about
security.”
“The duh factor of UNIX security is pretty plain and
straightforward. One pretty much follows the following set of
rules:
- Disable unused services/ports
- Shutdown unrequired daemons
- Shadow passwords
- Port watching on active ports
- Log file scanning
- Using physical barriers (e.g. airwalls)
- Secure(ish) logging (logservers)
- Use secure protocols for internet communications (e.g.
OpenSSH)
These do not need to be discussed at great length here with one
exception; your role and BTW if any of those items are new to you –
then get familiar with them soon.”
“The approach must be as all encompassing as possible.
Disaster recovery is just as important as using secure shell is
just as important as avoiding overflows is just as important as
good performance . . .”