1. Securing Debian

    One thing I do after installing Debian is tighten it down slightly. There are some great scripts to do this, such as Bastille, and there is also the Securing Debian HOWTO, but here are my top 10 lockdowns:

    1. Secure users' home directories
      chmod 700 /home/*
      vi /etc/adduser.conf
    2. Disable all unused services and make sure that sshd is running protocol 2.
    3. Disable ftp (use ftpd-ssl or scp instead) and telnet (you should be using ssh).
    4. Disable root logins over sshd, so that only a normal user can log on and then su.
    5. Configure logcheck to send logs to an outside email address.
      apt-get install logcheck
      vi /etc/logcheck/logcheck.conf

      If you need to change the frequency, edit the cron file here:

      vi /etc/cron.d/logcheck
    6. Get regular updates from your apt sources
    7. Restrict system reboots/shutdown on the console:
      vi /etc/inittab
      ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now
      vi /etc/shutdown.allow
      Add the users who are allowed to shut down the system when logged in.
    8. Edit pam.d security files to match your security policy:
      cd /etc/security
    9. Consider using tripwire to monitor any changes in binaries on your system.
    10. Take a backup of the system. Always a good policy.
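
A check for items 2 and 4, as an added example that is not part of the original post: it reads an sshd_config the way sshd does (first occurrence of a keyword wins, keywords are case-insensitive, Match blocks are conditional) and reports whether Protocol 2 and PermitRootLogin no are set. The function names and the two sample files are constructed for illustration, and the Protocol check assumes an OpenSSH release of this post's era, which still accepts that keyword.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# effective_value FILE KEYWORD: print the global value sshd would use.
# sshd keeps the first value it reads for a keyword and matches keywords
# case-insensitively; settings inside Match blocks are conditional, so stop there.
effective_value() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }                 # comment line
        tolower($1) == "match" { exit }     # end of the global section
        tolower($1) == tolower(key) { print $2; exit }
    ' "$1"
}

# check FILE KEYWORD WANT: print OK/FAIL, return 1 on mismatch.
# Assumption: an unset keyword counts as FAIL so the setting is made explicit.
check() {
    got=$(effective_value "$1" "$2")
    if [ "$got" = "$3" ]; then
        echo "OK    $2 $got"
    else
        echo "FAIL  $2 is '${got:-unset}', want '$3'"
        return 1
    fi
}

# audit_sshd FILE: return the number of failed checks (items 2 and 4).
audit_sshd() {
    fails=0
    check "$1" Protocol 2         || fails=$((fails + 1))
    check "$1" PermitRootLogin no || fails=$((fails + 1))
    return "$fails"
}

# make_samples DIR: write two constructed sshd_config files for the demo.
make_samples() {
    printf '%s\n' 'Protocol 2,1' 'PermitRootLogin yes' > "$1/weak"
    printf '%s\n' 'protocol 2' '#PermitRootLogin yes' 'PermitRootLogin no' \
        'Match User backup' '    PermitRootLogin yes' > "$1/hardened"
}

demo_dir=$(mktemp -d)
make_samples "$demo_dir"
for f in weak hardened; do
    echo "== $f"
    audit_sshd "$demo_dir/$f" || echo "-- $? check(s) failed"
done
rm -rf "$demo_dir"
```

To audit a real host, call audit_sshd with the path to its sshd_config instead of the sample files.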
      
      
    By timc3 on July 27th, 2006
