Or just securing Linux. How do you do it? What are the pitfalls and gotchas?
I’m starting this thread as a place to share best practices to secure your installation. Linux is a growing platform with an enviable security record, but it still makes the news every so often for the wrong reasons.
The foundation of any security system has to be a really good threat assessment.
- what is the threat?
- what is the worst that can happen?
- what are the mitigation strategies if the worst does happen?
After that you can ask ‘What can I afford to allow to happen?’ and ‘What cannot be allowed to happen?’ Usually ‘How much will it cost if it does happen?’
If the answer to the last one is less than buying new hardware and reinstalling and the downtime costs, you're done. (not likely eh)
Now that you have a list of threats, and a cost associated with each, you should sort them from $$$$ to $ and address each in turn until your solution costs more than the threat you're trying to stop.
There is a lot you can do to really lock down a Linux system for only a little effort. I really like Ubuntu for this because they install the root user without a password and then require a password to log in. This means that it’s impossible to log in as root.
So that’s a starting point. What do you do?
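
Added example, not part of the original post: whether root can log in with a password is decided by the second field of its entry in a shadow(5) file, so the sketch below classifies that field for every account and separates a locked password from an empty one. The function names and the sample entries are constructed for illustration; on a real system you would run `audit_shadow /etc/shadow` as root.

```shell
#!/bin/sh
# Classify the password field (2nd field) of a shadow(5) entry.
classify_pw_field() {
    case "$1" in
        "")        echo "EMPTY"  ;;  # no password set: login may need no password at all
        '!'*|'*'*) echo "LOCKED" ;;  # no hash can match: password login is disabled
        '$'*)      echo "HASHED" ;;  # crypt(3) hash in $id$salt$hash form
        *)         echo "OTHER"  ;;  # legacy hash or unexpected content, review by hand
    esac
}

# Print "user STATE" for every entry in a shadow-format file.
audit_shadow() {
    while IFS=: read -r user pw _rest; do
        [ -n "$user" ] || continue
        printf '%s %s\n' "$user" "$(classify_pw_field "$pw")"
    done < "$1"
}

# State of the root entry only.
root_state() {
    audit_shadow "$1" | awk '$1 == "root" { print $2 }'
}

# Constructed sample entries (not taken from a real system).
make_sample() {
    cat <<'EOF'
root:!:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
alice:$6$examplesalt$examplehashexamplehash:19000:0:99999:7:::
backup::19000:0:99999:7:::
EOF
}

# Stand-alone run against the constructed sample.
sample=$(mktemp)
make_sample > "$sample"
audit_shadow "$sample"
rm -f "$sample"
```

An `EMPTY` result is the one to chase first; `LOCKED` only blocks password authentication, so other login paths such as SSH keys or `sudo` are outside what this check covers.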