Focus on Linux
Hardening CentOS Jul 03 2008 03:53PM
Florin Iliescu (iliescufm yahoo com) (12 replies)
Re: Hardening CentOS Jul 05 2008 08:46PM
Andraz Sraka (a aufbix org)
RE: Hardening CentOS Jul 04 2008 07:37AM
Nokin Jérôme (jerome nokin trasys be)
Re: Hardening CentOS Jul 03 2008 11:32PM
flying mayo (flyingmayo gmail com) (1 replies)
Re: Hardening CentOS Jul 04 2008 07:02PM
Seth Mattinen (sethm rollernet us)
Re: Hardening CentOS Jul 03 2008 08:14PM
Mario Spinthiras (mspinthiras gmail com)
Re: Hardening CentOS Jul 03 2008 07:51PM
Chase Simms (Csimm pubpress com)
Florin,

I recommend a two prong approach. Do some general research into
hardening Linux at places like SANS(www.sans.org) and Center for
Internet Security(www.cisecurity.org). Basically update everything,
disable unnecessary services, limit access. You should probably look at
the Bastille hardening program(bastille-linux.sourceforge.net). I
really think Bastille will help you. I hesitate to say stay away from
SE Linux, but it can be quite a bear to get your apps running with it.

It's just as important to secure the app. You really need to look at
the SFTP application you will be using and evaluate it's security level.
If you lock down the OS, block all the bad ports in the firewall, but
leave the FTP app with weak security you're just wasting your time.
Your server is only as secure as the weakest link. I know this is the
Linux list, but you really will need to take a wider approach and secure
the entire system.

A few other things to consider are backups and integrity checking. How
much data loss is acceptable? How long will the files sit on the FTP
server before they are copied/moved off? Tripwire is a great way to
monitor critical files and notifying the sysadmin if they change.

Best of luck,
Chase

>>> Florin Iliescu <iliescufm (at) yahoo (dot) com [email concealed]> 7/3/2008 11:53 AM >>>
Helo,

Can anybody help me with some procedures to secure a CentOS server? I
am going to use it for receiving files over Internet with SFTP.

Thank you,

Florin

The information in this email is intended for the sole use of the
addressees and may be confidential and subject to protection under the
law. If you are not the intended recipient, you are hereby notified that
any distribution or copying of this email is strictly prohibited. If you
have received this message in error, please reply and delete your copy.

[ reply ]
Re: Hardening CentOS Jul 03 2008 05:41PM
Jure Krasovic (jure krasovic lusp com)
RE: Hardening CentOS Jul 03 2008 05:18PM
Tony UcedaVelez (tonyuv versprite com)
Re: Hardening CentOS Jul 03 2008 05:10PM
Peter Hinse (loco d0pefish de)
Re: Hardening CentOS Jul 03 2008 04:58PM
aurbain (aurbain interactivebrokers com)
Re: Hardening CentOS Jul 03 2008 04:51PM
Jeronimo Zucco (jczucco ucs br)
Re: Hardening CentOS Jul 03 2008 04:20PM
Mohd Irwan Jamaluddin (mij irwan name)
Re: Hardening CentOS Jul 03 2008 04:19PM
David A. Kennel (dkennel lanl gov) (1 replies)
Re: Hardening CentOS Jun 22 2009 04:45PM
Tony Murphy (tmurphy trustedcs com) (1 replies)
Re: Hardening CentOS Nov 24 2009 04:25PM
Tony Murphy (tmurphy trustedcs com)


 

Privacy Statement
Copyright 2010, SecurityFocus