Securing Debian

One thing I do after installing Debian is tighten it down slightly. There are some great scripts to do this, such as Bastille, and there is also the Securing Debian HOWTO, but here are my top 10 lockdowns:

  1. Secure users' home directories
    # mode 700 on each home directory; /home itself has to stay traversable
    chmod 700 /home/*
    vi /etc/adduser.conf
  2. Disable all services not used and make sure that sshd is running on protocol 2.
  3. Disable FTP (use ftpd-SSL or scp instead) and telnet (you should be using SSH)
  4. Disable root logins over sshd, so that only a normal user can log on and then su.
  5. Configure logcheck to send logs to an outside email address.
    apt-get install logcheck
    vi /etc/logcheck/logcheck.conf
    If you need to change the frequency, edit the cron file here:
    vi /etc/cron.d/logcheck
  6. Get regular updates from your apt sources
  7. Restrict system reboots/shutdown on the console:
    vi /etc/inittab

    ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now

    vi /etc/shutdown.allow
    Add the users that are allowed to shut down the system when logged in

  8. Edit pam.d security files to match your security policy:
    cd /etc/security
  9. Consider using tripwire to monitor any changes in binaries on your system.
  10. Take a backup of the system. Always a good policy.
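
An added example (not from the original post): a small shell audit for steps 1, 2/4 and 7 above. It assumes GNU stat and a sysvinit system with /etc/inittab, as in the post; the function names and the --live switch are made up for this example.

```shell
#!/bin/sh
# Added example: audits steps 1, 2/4 and 7 of the list above.
# Each check prints one line per finding and returns non-zero if it found any.

# First value of an sshd_config keyword (sshd uses the first one it reads).
sshd_value() {  # $1 = config file, $2 = keyword
    awk -v k="$2" 'tolower($1) == tolower(k) { print tolower($2); exit }' "$1"
}

check_sshd() {  # $1 = path to sshd_config
    rc=0
    [ "$(sshd_value "$1" PermitRootLogin)" = "no" ] ||
        { echo "sshd: PermitRootLogin is not 'no'"; rc=1; }
    # Matters on older OpenSSH only; newer releases no longer speak protocol 1.
    [ "$(sshd_value "$1" Protocol)" = "2" ] ||
        { echo "sshd: Protocol is not explicitly '2'"; rc=1; }
    return $rc
}

check_ctrlaltdel() {  # $1 = path to inittab
    # An active ctrlaltdel entry must pass -a so that shutdown
    # consults /etc/shutdown.allow before acting.
    awk -F: '!/^[ \t]*#/ && $3 == "ctrlaltdel" && $4 !~ /[ \t]-a([ \t]|$)/ {
        print "inittab: ctrlaltdel entry lacks -a: " $0; bad = 1 }
        END { exit bad }' "$1"
}

check_home_modes() {  # $1 = directory that holds the home directories
    rc=0
    for d in "$1"/*/; do
        [ -d "$d" ] || continue
        mode=$(stat -c %a "$d")  # GNU stat, as shipped with Debian
        [ "$mode" = "700" ] || { echo "home: $d has mode $mode"; rc=1; }
    done
    return $rc
}

# Audit the running system only on request: sh audit.sh --live
if [ "${1:-}" = "--live" ]; then
    check_home_modes /home
    check_sshd /etc/ssh/sshd_config
    check_ctrlaltdel /etc/inittab
fi
```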
    
    
