• Home
• Topics
• Linux in the data center
• Linux network administration
• Securing your Red Hat Linux network

Securing your Red Hat Linux network

Requires Free Membership to View

Login



When you register, my team of editors will also send you resources covering Linux administration and management; integration and interoperability between Linux, Windows and Unix; securing Linux and mixed-platform environments; and migrating to Linux.

Margie Semilof, Editorial Director

• E-mail Address: 

By submitting your registration information to SearchEnterpriseLinux.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchEnterpriseLinux.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

• Only install the packages and components you require for your hosts. Any host build should start from the Red Hat 'minimal' build and then add any required additional packages.
• Update your hosts frequently and ensure any known vulnerabilities are addressed using patching, updates or workarounds.
• Remove any unneeded users and groups. Also change the passwords of, and preferably lock, any user accounts which do not need to log in. Remember to chose strong passwords and change them on a regular basis.
• Remove any unnecessary process, daemons or services. Red Hat comes with a number of services you probably don't need, for example, unless you need NFS you should disable it and any related services.
• Firewall your hosts and your network. Install a firewall such as iptables to your host and secure it. Install a firewall between your hosts and any external networks. Ensure you firewall both incoming and outgoing traffic so as to only allow those services and daemons which you actually require to send and receive traffic on your host.
• Secure incoming connections to your hosts. This includes tools such as ssh where you should, for example, disallow root logins. This also applies to securing services, such as mail, which you might want to allow through your firewalling. Limit access to these services to the resources, hosts and networks that require them.
• Install network- and host-based Intrusion Detection Systems (HIDS) and/or integrity checking application such as Tripwire on hosts.
• Look at hardening the base operating system and kernel of your hosts with additions such as Security Enhanced Linux or Openwall.
• Log. Log some more. And then sort, correlate, alert and -- most importantly --review your logs and alerts.
• Review Red Hat's security announcements and general Linux security lists for vulnerabilities or bugs relevant to your hosts. Awareness is the first step in prevention.

Dig Deeper

This was first published in July 2005

More from Related TechTarget Sites

• Data Center
• Server Virtualization
• Cloud computing
• Enterprise Desktop

• Data Center

  • Why Zynga moved from public cloud to hybrid cloud

    The subtext of Zynga’s “hybrid cloud” strategy is that at a certain scale, public cloud ain’t cheap.

  • Dell microserver gives energy-efficient IT shops a glimpse of Ivy Bridge

    New Dell microservers include power-efficient Ivy Bridge processors based on Intel’s 22-nm manufacturing process.

  • How to balance three-phase power to maximize UPS capacity

    Apply these techniques to balance the three-phase power load and avoid unnecessarily buying a costly new UPS.

• Server Virtualization

  • VMware pros glean vSphere roadmap from CTO in VMUG videos

    VMware customers hope that vSphere virtualization products will soon have more automation and integration.

  • New virtual data center design decisions with Hyper-V 3.0

    IT pros are presented with new virtual data center design options, thanks to new feature in Hyper-V 3.0. So which architecture will you choose?

  • How promiscuous mode affects virtual network security

    Enabling promiscuous mode could spell doom for your virtual network security, especially if inexperienced IT pros are at the helm. So take caution.

• Cloud computing

  • Azure’s identity crisis and other cloud computing sound bites

    Microsoft Azure wants to be called Loretta. No, that’s not true. Or is it? Find out that answer and other news overheard in the cloud this past week.

  • Is PaaS just another four-letter word in cloud computing?

    PaaS is a quick fix for companies looking to deploy new apps, but established firms with legacy apps may consider it a dirty word.

  • PaaS selection starts at the programming language

    The PaaS market is growing without a single leader or approach. Picking a model should involve more than just saying, ‘Eeney, meeney, miney, moe.’

• Enterprise Desktop

  • Tuning and tweaking device drivers on the Windows 8 Consumer Preview

    The Windows 8 Consumer Preview recognizes most hardware, but you should keep up on OS and chipset developments and review Windows device drivers. Here's where to start.

  • Delivering Windows device drivers made easy with deployment images

    Windows device drivers are needed to get a variety of hardware to work together. The deployment image for updating operating systems and apps can facilitate desktop maintenance.

  • Mac OS X Lion security flaws no longer a reason to delay adoption

    Mac OS X Lion security vulnerabilities have delayed adoption since Apple released the operating system. After some much-needed updates, is the OS finally enterprise-ready?

• About us
• Contact us
• Site index
• Privacy policy
• Advertisers
• Business partners
• Events
• Media kit
• TechTarget corporate site
• Reprints
• Site map