Thread: How to SECURE Linux Boxes?
- Join Date
- May 2012
How to SECURE Linux Boxes?
I need help from this forum regarding “Securing Linux Boxes”.
We have around 100 Linux boxes which need to be secured.
For example, if anybody gets root access and tries to fire off commands, then we must be able to track that person: who fired off those commands?
Who tried to manipulate the server?
Who misfired wrong commands on that particular server?
These things we must be able to track…
So, can anybody help me in knowing how to do this?
- Join Date
- May 2011
Look into SELinux. It is a kernel-based, modular means of locking down a system. It is not easy or straightforward, but it does the job. Look into this guide:
You should also consider a firewall (iptables) as part of your systems.
The audit daemon should also be running.
You should disable remote (SSH, e.g.) root logins to the boxes. Users wanting root should have to su/sudo up, in which case their activity will be logged.
You may want to consider BIOS passwords, in order to prevent booting via untrusted media, and password-protecting the boot-loader (grub, etc.).
Physical security of the boxes is also important.
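Tracking who ran a command as root after su/sudo depends on the audit login UID (`auid`), which is set at login and stays with the session after the switch to root. As an added example (not part of either post), this Python code pairs auditd SYSCALL and EXECVE records and attributes each root command to the original login UID; the log lines are constructed, and the rule and its `rootcmd` key are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample records in auditd log format (not taken from the thread).
# Assumed audit rule producing them (key name "rootcmd" is hypothetical):
#   -a always,exit -F arch=b64 -S execve -F euid=0 -F auid>=1000 -F auid!=4294967295 -k rootcmd
SAMPLE_LOG = """\
type=SYSCALL msg=audit(1338400000.101:501): arch=c000003e syscall=59 success=yes exit=0 ppid=2210 pid=2231 auid=1001 uid=0 gid=0 euid=0 tty=pts0 ses=7 comm="rm" exe="/bin/rm" key="rootcmd"
type=EXECVE msg=audit(1338400000.101:501): argc=3 a0="rm" a1="-rf" a2="/var/www/old"
type=SYSCALL msg=audit(1338400042.007:502): arch=c000003e syscall=59 success=yes exit=0 ppid=3100 pid=3144 auid=1002 uid=0 gid=0 euid=0 tty=pts1 ses=9 comm="sh" exe="/bin/sh" key="rootcmd"
type=EXECVE msg=audit(1338400042.007:502): argc=3 a0="sh" a1="-c" a2=6964202D75
type=SYSCALL msg=audit(1338400050.500:503): arch=c000003e syscall=59 success=yes exit=0 ppid=1 pid=3200 auid=4294967295 uid=0 gid=0 euid=0 tty=(none) ses=4294967295 comm="cron" exe="/usr/sbin/cron" key=(null)
"""

HEADER = re.compile(r"type=(\w+) msg=audit\((\d+\.\d+):(\d+)\):\s*(.*)")
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')
UNSET_AUID = "4294967295"  # no login session (daemons, boot-time jobs)

def decode(value):
    """auditd quotes plain strings and hex-encodes ones with spaces or odd bytes."""
    if value.startswith('"'):
        return value.strip('"')
    try:
        return bytes.fromhex(value).decode("utf-8", "replace")
    except ValueError:
        return value

def root_commands(log_text):
    """Return (auid, exe, command line) for each root execve tied to a login."""
    events = defaultdict(dict)  # records of one event share (timestamp, serial)
    for line in log_text.splitlines():
        m = HEADER.match(line)
        if not m:
            continue
        rtype, ts, serial, body = m.groups()
        fields = dict(FIELD.findall(body))
        ev = events[(ts, serial)]
        if rtype == "SYSCALL":
            ev.update(auid=fields.get("auid"), euid=fields.get("euid"),
                      exe=decode(fields.get("exe", "")))
        elif rtype == "EXECVE":
            argc = int(fields.get("argc", 0))
            ev["argv"] = [decode(fields[f"a{i}"]) for i in range(argc) if f"a{i}" in fields]
    return [(e["auid"], e["exe"], " ".join(e.get("argv", [])))
            for e in events.values()
            if e.get("euid") == "0" and e.get("auid") not in (None, UNSET_AUID)]
```

On a live system `ausearch -k rootcmd -i` gives the same view with UIDs resolved to names; the cron record is dropped here because an unset `auid` means no interactive login is behind it.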