[Techtalk] Server was hacked into; looking for tips on how
to secure it
Jessica Smith
crystalsinger at mail.com
Mon Feb 24 17:24:53 EST 2003
Hi Jen,
CERT have an excellent security overview available from
www.cert.org/tech_tips/unix_security_checklist2.0.html. Lots of good stuff
- so long as you *do* it!
Security by osmosis doesn't work... ;-)
Bastille is a good wizard-type hardening tool, available from
www.bastille-linux.org.
I also use
chkrootkit for integrity checking:
PSAD for detecting scans: www.cipherdyne.com/psad/
logwatch to monitor weird stuff in the logs: www.logwatch.org
and am just coming to grips with tripwire, another integrity checker:
www.logwatch.org
Most of these can be configured to run as cron jobs and e-mail you the
output, or run as daemons that process stuff and e-mail you when certain
conditions occur.
There's *lots* of other security tools out there too, often which one(s)
you use is just a matter of taste or evangelism. :-)
Hope that helps,
Jess
More information about the Techtalk
mailing list