Fedora Security Guide for 11 release
Joe Nall
joe at nall.com
Thu Mar 12 02:56:08 UTC 2009
On Mar 11, 2009, at 7:05 PM, Scott Radvan wrote:
> Hi all,
>
>
> I have built HTML and PDF versions of the very-nearly-finished
> Security
> Guide, which has its focus on Fedora and is on its way to being
> available in the upcoming 11 release.
>
> I thought there may be some members of this list who would like to
> take
> a look at it.
>
> Any reviewers/comments at all are of course more than welcome.
>
> http://sradvan.fedorapeople.org/Security_Guide/en-US/
Wouldn't the mention of fail2ban be appropriate? My servers with
public IP addresses get hundreds of failed login attempts per day
unless I use iptables to block repeat offenders.
Isn't 'PermitRootLogin no' the default for sshd?
I think a short "don't disable SELinux when things go awry" section
with pointers to policy booleans and setroubleshoot would be
appropriate. Dan Walsh's blog is a good SELinux resource without a
document reference.
http://iase.disa.mil/stigs/SRR/unix.html deserves a mention.
Good stuff,
joe
More information about the fedora-devel-list
mailing list