I've been working with Unix (Solaris) and now I'm in charge of securing several Red Hat Linux 8 servers. Besides the Red Hat literature, are there other good resources for information about my new task? Are there any common mistakes people make in securing Linux servers that I should know about?
There is a ton of good stuff out there, including PDFs from SIAC specific to Linux security. Books are also a good resource. Check out this book on securing Red Hat Linux systems:
Read up some on the Bastille Project (http://www.bastille-linux.org/). The Bastille Hardening System hardens Linux and Unix operating systems. It supports the Red Hat, Debian, Mandrake, SuSE and other flavors in addition to most Unix distributions. The project itself is run by Jon Lasser.
Regarding mistakes people make, I would say the biggest mistake would be not properly backing up your systems before undertaking a major hardening effort. If something goes wrong and you need to revert back to a previous release, you must be diligent about this. You also need to make sure you do not work in a vacuum. Tightening up your systems only a little bit might mean your applications will not work anymore. You have to bring your applications team in the process and make sure any changes to the systems are carefully planned and tested. Certain directories might need certain permissions for the application to work properly. You may also be getting rid of logins that you don't think are being used, but in actuality really are. It sounds simplistic, but make sure your ports are not being used before commenting them out!
Another big mistake is making wholesale changes. Implement your hardening plan carefully and strategically. If you make more than one change, and something doesn't work, there is no way of knowing what broke it. Careful change management will also help your process.
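As an added example (not part of the original answer), here is a small POSIX shell script that puts the advice above into practice on the defender's side: take a restorable, checksummed baseline of a configuration tree before each hardening step, report exactly which files a step touched so that a single change can be tied to a single breakage, and gather the evidence that a port or a login is still in use before removing it. Paths such as /etc and /root/hardening, the "before"/"after" labels and the account name are assumptions; the script needs tar, gzip, find, sha256sum (or shasum) and diff.

```shell
#!/bin/sh
# Added example, not from the original Q&A. Assumes a POSIX sh with tar, gzip,
# find, diff and sha256sum (shasum -a 256 is used as a fallback).
set -u

# Hash one file as "hash  path", whichever tool the host provides.
hash_file() {
    if command -v sha256sum >/dev/null 2>&1; then sha256sum "$1"
    else shasum -a 256 "$1"; fi
}

# snapshot_config DIR OUTDIR LABEL
# Archive DIR into OUTDIR/config-LABEL.tar.gz (restorable with tar -xzf) and
# write OUTDIR/config-LABEL.sha256, a manifest of every regular file under DIR.
# Prints the manifest path. Run it once before hardening and once after each
# individual change.
snapshot_config() {
    dir=$1; label=$3
    mkdir -p "$2"
    out=$(cd "$2" && pwd)              # absolute, so the cd below cannot break it
    tar -czf "$out/config-$label.tar.gz" -C "$dir" .
    ( cd "$dir" && find . -type f | LC_ALL=C sort | while read -r f; do
          hash_file "$f"
      done ) > "$out/config-$label.sha256"
    printf '%s\n' "$out/config-$label.sha256"
}

# changed_files BEFORE_MANIFEST AFTER_MANIFEST
# Print every path whose hash differs, or that was added or removed, between
# two manifests. Empty output means the change touched no file in the tree.
changed_files() {
    # diff lines look like "< hash  ./path"; field 3 is the path
    diff "$1" "$2" | awk '/^[<>]/ { print $3 }' | LC_ALL=C sort -u
}

# port_evidence
# "Make sure your ports are not being used before commenting them out":
# show listening sockets together with established peers and owning process.
port_evidence() {
    if command -v ss >/dev/null 2>&1; then ss -antup 2>/dev/null
    else netstat -antup 2>/dev/null; fi
}

# account_evidence USER
# Before removing a login that "you don't think is being used", collect the
# signs that it is: last login, processes running as the user, a crontab.
account_evidence() {
    u=$1
    lastlog -u "$u" 2>/dev/null | tail -n +2
    ps -u "$u" -o pid=,comm= 2>/dev/null
    crontab -l -u "$u" 2>/dev/null
}

# Typical use (assumed paths, run as root):
#   before=$(snapshot_config /etc /root/hardening before)
#   ... apply ONE hardening change, retest the application ...
#   after=$(snapshot_config /etc /root/hardening after)
#   changed_files "$before" "$after"
#   port_evidence; account_evidence someuser
```

Keep the baseline archive off the machine being hardened as well, so that a bad change can be reverted even if the host itself must be rebuilt.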
This was first published in June 2003