Re: [CentOS] General questions about security

2008-02-01 Thread Ross S. W. Walker
To: CentOS mailing list Sent: Fri Feb 01 14:24:29 2008 Subject: Re: [CentOS] General questions about security Ross S. W. Walker a écrit : > > Check to see if the town/county has any policies in place for computer > systems and networks for public services and follow those guidelines. &g

Re: [CentOS] General questions about security

2008-02-01 Thread John R Pierce
[EMAIL PROTECTED] wrote: CI Security has some good hardening guidelines for Linux based servers. Any public facing server should be hardened before deploying it online. www.cisecurity.org also, the US NSA has some excellent guidelines, http://www.nsa.gov/snac/downloads_redhat.cfm?MenuID=sc

Re: [CentOS] General questions about security

2008-02-01 Thread techlists
CI Security has some good hardening guidelines for Linux based servers. Any public facing server should be hardened before deploying it online. www.cisecurity.org Paul -- Original message -- From: Niki Kovacs <[EMAIL PROTECTED]> > Hi, > > I admit I never gave s

Re: [CentOS] General questions about security

2008-02-01 Thread Niki Kovacs
Ross S. W. Walker a écrit : Check to see if the town/county has any policies in place for computer systems and networks for public services and follow those guidelines. Otherwise look at surrounding public library systems to see if they have any you can adopt. The surrounding places here (

Re: [CentOS] General questions about security

2008-02-01 Thread Ross S. W. Walker
(drive space, memory, cpu, mysql db space) with email/sms alerts. -Ross - Original Message - From: [EMAIL PROTECTED] <[EMAIL PROTECTED]> To: CentOS mailing list Sent: Fri Feb 01 06:47:36 2008 Subject: Re: [CentOS] General questions about security Les Bell a écrit : > Polic

Re: [CentOS] General questions about security

2008-02-01 Thread Alain Spineux
On Feb 1, 2008 9:14 AM, Niki Kovacs <[EMAIL PROTECTED]> wrote: > Hi, > > I admit I never gave security that much thought, that is, except the > most basic security rules like choosing good passwords, or reasonable > file and directory permissions. But now I have to change that, since > I'll soon ha

Re: [CentOS] General questions about security

2008-02-01 Thread Alain Spineux
On Feb 1, 2008 12:47 PM, Niki Kovacs <[EMAIL PROTECTED]> wrote: > Les Bell a écrit : > > > Policy. It's a drag, writing policies, but without policies, you're in the > > "Ready! Fire! Aim!" school of security. The top tier of policy is the > > "Enterprise Security Policy", which establishes the se

Re: [CentOS] General questions about security

2008-02-01 Thread Les Bell
Niki Kovacs <[EMAIL PROTECTED]> wrote: >> Thanks for your very detailed response. << Trust me when I say: that wasn't detailed. Nowhere near it. >> - Is it worth the hassle to bother with SELinux? - Is the standard firewall configuration enough << You can go light on all that policy stuff, es

Re: [CentOS] General questions about security

2008-02-01 Thread Niki Kovacs
Les Bell a écrit : Policy. It's a drag, writing policies, but without policies, you're in the "Ready! Fire! Aim!" school of security. The top tier of policy is the "Enterprise Security Policy", which establishes the security function, roles, responsibilities, budget, etc. It also gives the powe

Re: [CentOS] General questions about security

2008-02-01 Thread Les Bell
Niki Kovacs <[EMAIL PROTECTED]> wrote: >> I wonder where to begin. << Policy. It's a drag, writing policies, but without policies, you're in the "Ready! Fire! Aim!" school of security. The top tier of policy is the "Enterprise Security Policy", which establishes the security function, roles, re

[CentOS] General questions about security

2008-02-01 Thread Niki Kovacs
Hi, I admit I never gave security that much thought, that is, except the most basic security rules like choosing good passwords, or reasonable file and directory permissions. But now I have to change that, since I'll soon have to setup a dedicated production server for our public libraries.