I've been working with Unix (Solaris) and now I'm in charge of securing several Red Hat Linux 8 servers. Besides the Red Hat literature, are there other good resources for information about my new task? Are there any common mistakes people make in securing Linux servers that I should know about?
Check out the hardening how-tos in this section: http://www.linux-sec.net/Harden/howto.gwif.html, brought to you by the people at http://www.Linux-Sec.net.
There is a ton of good stuff out there, including PDFs from SIAC specific to Linux security. Books are also a good resource. Check out this book on securing Red Hat Linux systems:
Read up some on the Bastille Project (http://www.bastille-linux.org/). The Bastille Hardening System hardens Linux and Unix operating systems. It supports the Red Hat, Debian, Mandrake, SuSE and other flavors in addition to most Unix distributions. The project itself is run by Jon Lasser.
Regarding mistakes people make, I would say the biggest mistake would be not properly backing up your systems before undertaking a major hardening effort. If something goes wrong and you need to revert back to a previous release, you must be diligent about this. You also need to make sure you do not work in a vacuum. Tightening up your systems only a little bit might mean your applications will not work anymore. You have to bring your applications team in the process and make sure any changes to the systems are carefully planned and tested. Certain directories might need certain permissions for the application to work properly. You may also be getting rid of logins that you don't think are being used, but in actuality really are. It sounds simplistic, but make sure your ports are not being used before commenting them out!
Another big mistake is making wholesale changes. Implement your hardening plan carefully and strategically. If you make more than one change, and something doesn't work, there is no way of knowing what broke it. Careful change management will also help your process.
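One way to run the "make sure your ports are not being used" check from the answer above, as an added example that is not part of the original answer: it reads `netstat -tan` output and reports, for each listening TCP port, how many established connections it currently has. The function names and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example. Reads `netstat -tan`-style text on stdin and prints one line
# per listening TCP port: "<port> IN-USE <n>" or "<port> idle 0", where <n> is
# the number of ESTABLISHED connections whose local port is that listener.
listening_port_usage() {
    awk '
    $1 ~ /^tcp/ {
        n = split($4, a, ":")      # local address; port is the last piece,
        port = a[n]                # which also works for IPv6 (":::22")
        if ($6 == "LISTEN")           listen[port] = 1
        else if ($6 == "ESTABLISHED") est[port]++
    }
    END {
        for (p in listen)
            printf "%s %s %d\n", p, (est[p] > 0 ? "IN-USE" : "idle"), est[p]
    }' | sort -n
}

# Constructed sample input (documentation addresses), not captured from a host.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:22           198.51.100.7:51514      ESTABLISHED
tcp        0      0 192.0.2.10:8080         192.0.2.20:40112        ESTABLISHED
tcp        0      0 192.0.2.10:8080         192.0.2.21:40990        TIME_WAIT
tcp        0      0 192.0.2.10:45000        192.0.2.30:5432         ESTABLISHED
EOF
}

# On a live server: netstat -tan | listening_port_usage
sample_netstat | listening_port_usage
```

A single snapshot only shows connections open at that moment, so a port that reports idle may still serve a nightly batch job or a monthly report. Collect the output repeatedly over a full business cycle and review it with the applications team before disabling anything.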