Differences between revisions 2 and 3
Revision 2 as of 2009-11-16 23:46:40
Size: 267
Editor: fruity
Comment:
Revision 3 as of 2009-11-16 23:47:04
Size: 273
Editor: fruity
Comment:
Deletions are marked like this. Additions are marked like this.
Line 3: Line 3:
 1 fail2ban  1. fail2ban
Line 5: Line 5:
 2 ssh on non standard port  2. ssh on non standard port
Line 7: Line 7:
 3 iptables + ulog, troubleshootinginmyownballs aka fascist firewall  3. iptables + ulog, troubleshootinginmyownballs aka fascist firewall
Line 9: Line 9:
 4 no sudo on the system  4. no sudo on the system
Line 11: Line 11:
 5 removing __ALL__ setuid programs  5. removing __ALL__ setuid programs
Line 13: Line 13:
 6 remote backup of log, rsyslog  6. remote backup of log, rsyslog

My view on securing a debian/ubuntu machine:

  1. fail2ban
  2. ssh on non standard port
  3. iptables + ulog, troubleshootinginmyownballs aka fascist firewall
  4. no sudo on the system

  5. removing ALL setuid programs

  6. remote backup of log, rsyslog

fruity/AdminAndConfs/Security (last edited 2009-11-17 00:49:00 by fruity)