Securing Debian

        

One thing I do when I have installed Debian is to tighten it down slightly. There are some great scripts to do this, such as Bastille, and there is also the Securing Debian HOWTO, but here are my top 10 lockdowns:

  1. Secure users' home directories

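    # per-user directories only: /home itself must stay traversable
    chmod 700 /home/*
    # set DIR_MODE=0700 so new home directories get the same mode
    vi /etc/adduser.conf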

  2. Disable all services not used and make sure that sshd is running on protocol 2.

  3. Disable FTP (use ftpd-ssl or scp instead) and telnet (you should be using ssh).

  4. Disable root logins over sshd, so that only a normal user can log on and then su.

  5. Configure logcheck to send logs to an outside email address.

    apt-get install logcheck

    vi /etc/logcheck/logcheck.conf

    If you need to change the frequency, edit the cron file here:

    vi /etc/cron.d/logcheck

  6. Get regular updates from your apt sources

  7. Restrict system reboots/shutdown on the console:

    vi /etc/inittab

    ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now

    vi /etc/shutdown.allow

    Add the users that are allowed to shut down the system when logged in.
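
The checks behind items 1, 2, 4 and 7 above, written as an audit script. This is an added example, not code from the original post: the function names `audit_lockdown` and `sshd_value` and the optional root-prefix argument are assumptions of the example, and it assumes a sysvinit system with `/etc/inittab` as in the post and GNU `stat`.

```shell
# Added example: audit items 1, 2, 4 and 7 under ROOT (default: the live system).
fail() { echo "FAIL: $1"; fails=$((fails + 1)); }

# First uncommented value of an sshd_config keyword (sshd uses the first
# occurrence and matches keywords case-insensitively).
sshd_value() {
    awk -v k="$2" 'tolower($1) == tolower(k) { print tolower($2); exit }' "$1" 2>/dev/null
}

audit_lockdown() {
    root="${1:-}"; fails=0
    conf="$root/etc/ssh/sshd_config"
    # Item 4: root must not log in over ssh.
    [ "$(sshd_value "$conf" PermitRootLogin)" = "no" ] ||
        fail "PermitRootLogin is not 'no'"
    # Item 2: a Protocol line, if present, must be exactly 2. Current OpenSSH
    # only speaks protocol 2, so an absent line passes here.
    proto="$(sshd_value "$conf" Protocol)"
    [ -z "$proto" ] || [ "$proto" = "2" ] || fail "sshd Protocol is '$proto'"
    # Item 7: ctrlaltdel must run shutdown with -a, and shutdown.allow
    # must exist and name at least one user.
    grep -Eq '^[^#:]*:[^:]*:ctrlaltdel:.*shutdown.* -a( |$)' "$root/etc/inittab" 2>/dev/null ||
        fail "inittab ctrlaltdel does not call shutdown -a"
    [ -s "$root/etc/shutdown.allow" ] || fail "shutdown.allow missing or empty"
    # Item 1: every home directory should be mode 700.
    for d in "$root"/home/*; do
        [ -d "$d" ] || continue
        mode="$(stat -c %a "$d")"
        [ "$mode" = "700" ] || fail "$d is mode $mode, not 700"
    done
    [ "$fails" -eq 0 ]
}

# Constructed demo tree (not a real host); root login is deliberately left on.
demo="$(mktemp -d)"
mkdir -p "$demo/etc/ssh" "$demo/home/alice"
chmod 700 "$demo/home/alice"
printf 'Protocol 2\nPermitRootLogin yes\n' > "$demo/etc/ssh/sshd_config"
printf 'ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now\n' > "$demo/etc/inittab"
echo alice > "$demo/etc/shutdown.allow"
audit_lockdown "$demo" || echo "audit failed with $fails finding(s)"
rm -rf "$demo"
```

Run `audit_lockdown` with no argument to check the live system, or pass the path of a copied `/etc` and `/home` tree.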
