My view on securing a debian/ubuntu machine:
- 1 fail2ban 2 ssh on non standard port 3 iptables + ulog, troubleshootinginmyownballs aka fascist firewall 4 no sudo on the system
5 removing ALL setuid programs 6 remote backup of log, rsyslog
My view on securing a debian/ubuntu machine:
5 removing ALL setuid programs 6 remote backup of log, rsyslog