Securing FC 4
AragonX
aragonx at dcsnow.com
Sat Aug 20 14:59:12 UTC 2005
I had an intrusion on one of my servers and am in the process of hardening
it (after a reinstall). I've taken all the basic steps (shutting down
unused services etc) and have done the following:
Installed Smothwall on a separate box.
Installed & configured AIDE, Snort and chkrootkit
Ran Bastille
I am in the process of configuring LIDS. I'm using LIDS instead of
SELinux because it's easier for me to configure.
My next and final step will be to install mod_security.
The server performs the following tasks:
Web (Squirrelmail, eGroupWare, myPhpAdmin and others) and email serving
to the internet.
File, print and DHCP serving to my local network.
I'm looking for more preventative measures. It appears that LIDS and
mod_security are the only ones in that role now. Should I jail apache?
Would that give me any benefits over what LIDS provides?
Thank you in advance.
More information about the fedora-list
mailing list