Lightspoke Documentation Resource

Business Web Application Platform

Web-Based Database

Security Quick-Start HOWTO for Linux

Hal Burgiss

     [email protected]
    

v. 1.2, 2002-07-21

Revision History
Revision v. 1.2 2002-07-21 Revised by: hb
A few small additions, and fix the usual broken links.
Revision v. 1.1 2002-02-06 Revised by: hb
A few fixes, some additions and many touch-ups from the original.
Revision v. 1.0 2001-11-07 Revised by: hb
Initial Release.

Table of Contents
1. Introduction
1.1. Why me?
1.2. Copyright
1.3. Credits
1.4. Disclaimer
1.5. New Versions and Changelog
1.6. Feedback
2. Foreword
2.1. The Optimum Configuration
2.2. Before We Start
3. Step 1: Which services do we really need?
3.1. System Audit
3.2. The Danger Zone (or r00t m3 pl34s3)
3.3. Stopping Services
3.4. Exceptions
3.5. Summary and Conclusions for Step 1
4. Step 2: Updating
4.1. Summary and Conclusions for Step 2
5. Step 3: Firewalls and Setting Access Policies
5.1. Strategy
5.2. Packet Filters -- Ipchains and Iptables
5.3. Tcpwrappers (libwrap)
5.4. PortSentry
5.5. Proxies
5.6. Individual Applications
5.7. Verifying
5.8. Logging
5.9. Where to Start
5.10. Summary and Conclusions for Step 3
6. Intrusion Detection
6.1. Intrusion Detection Systems (IDS)
6.2. Have I Been Hacked?
6.3. Reclaiming a Compromised System
7. General Tips
8. Appendix
8.1. Servers, Ports, and Packets
8.2. Common Ports
8.3. Netstat Tutorial
8.4. Attacks and Threats
8.5. Links
8.6. Editing Text Files
8.7. nmap
8.8. Sysctl Options
8.9. Secure Alternatives
8.10. Ipchains and Iptables Redux



This resource is mirrored from the Linux Documentation Project. It was posted as a resource for all. Courtesy of Lightspoke: The web-based database company.



Additional resources:
Web-Based Database | Business Applications | Internet Data Store | Database On-Demand | Hosted Web Service | Fast Distributed Applications | Online Web Applications | Online Database | Find Apps | Rebate Tracker | Techrepublic | Unix Resources
Special Thanks:
Vancouver Real Estate Agent