> Given that they have to keep their servers and services online; what
> would you do in 5 mins to secure a Linux system?

I assume this means there's a list of services that must stay online. Right? Just because a service is running doesn't mean it needs to be, right?

The first thing I'd do is netstat -L to see what's listening. Anything that's not on the list of required services ... kill it.

The second thing I'd do is ... You mentioned LAMP. I presume the "M" component doesn't need to be available across the LAN, right? Configure iptables to block it across the LAN.

Make sure you have strong passwords. Ensure ssh as root is disabled. Ensure ftp as root is disabled.

Long story short ... You must first start with a list of what's required to function. And then systematically disable anything that's not on that list.
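
Added example, not part of the original message: a small shell audit that turns "start with a list of what's required" into a check over `ss -H -tln` output. The port allowlist, the loopback-only rule for MySQL and the sample socket lines are all constructed assumptions, and the check looks only at bind addresses, not at iptables rules.

```shell
#!/bin/sh
# Compare listening TCP sockets against an allowlist of required ports.
# Live use: ss -H -tln | audit_listeners
# Expected input columns: State Recv-Q Send-Q Local:Port Peer:Port

# Assumed allowlist for a LAMP host: ssh, http, https, mysql.
REQUIRED_PORTS="22 80 443 3306"
# Assumed policy: required, but must listen on loopback only (the "M" in LAMP).
LOCAL_ONLY_PORTS="3306"

audit_listeners() {
    awk -v required="$REQUIRED_PORTS" -v localonly="$LOCAL_ONLY_PORTS" '
    BEGIN {
        n = split(required, r, " ");  for (i = 1; i <= n; i++) ok[r[i]] = 1
        n = split(localonly, l, " "); for (i = 1; i <= n; i++) lo[l[i]] = 1
    }
    NF >= 4 {
        port = $4
        sub(/.*:/, "", port)                       # text after the last colon
        addr = substr($4, 1, length($4) - length(port) - 1)
        loopback = (addr ~ /^127\./ || addr == "[::1]")
        if (!(port in ok))
            print "UNEXPECTED " addr " " port      # not on the required list
        else if ((port in lo) && !loopback)
            print "EXPOSED " addr " " port         # required, but bound beyond loopback
    }'
}

# Constructed sample of `ss -H -tln` output, so the audit runs offline.
sample_ss_output() {
    cat <<'EOF'
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 *:80 *:*
LISTEN 0 80 0.0.0.0:3306 0.0.0.0:*
LISTEN 0 5 0.0.0.0:631 0.0.0.0:*
LISTEN 0 128 [::]:111 [::]:*
EOF
}

sample_ss_output | audit_listeners
```

An EXPOSED line may still be acceptable if a firewall rule already blocks that port from the LAN; the script only narrows down what to review.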