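<!doctype html>
<!--
  Index page of the "Security Quick-Start HOWTO for Red Hat Linux":
  title page (author, publication date, revision history, abstract),
  the table of contents linking into the chapter files, and a footer
  link to the first chapter (intro.html).

  The DocBook class names and the AEN* anchor names are kept unchanged so
  that any existing fragment links to this page keep resolving.
  Presentational attributes (bgcolor, align, width, ...) are also kept,
  because the page loads no stylesheet that could take over their job.
-->
<html lang="en">
<head>
  <!-- The page body is plain ASCII plus character entities, so declaring UTF-8 is safe. -->
  <meta charset="utf-8">
  <title>Security Quick-Start HOWTO for Red Hat Linux</title>
  <meta name="generator" content="Modular DocBook HTML Stylesheet Version 1.76b+">
  <link rel="next" title="Introduction" href="intro.html">
  <!--
    The generated page carried one META NAME="KEYWORD" element per term.
    "keyword" is not a standard metadata name; the terms are merged into a
    single comma-separated "keywords" entry (the repeated "Firewall" is
    listed once).
  -->
  <meta name="keywords" content="Secure, Security, Services, Firewall, Intrusion, Hacker, Hacked, Cracker, Cracked, owned, ipchains, iptables, tcpwrappers, portsentry, virus, trojan">
</head>
<body class="ARTICLE" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#840084" alink="#0000FF">
  <div class="ARTICLE">

    <!-- Title page: document title, author, publication date, revision history, abstract. -->
    <div class="TITLEPAGE">
      <!-- The anchor is now closed inside the heading; it was left open in the generated markup. -->
      <h1 class="TITLE"><a name="AEN2">Security Quick-Start HOWTO for Red Hat Linux</a></h1>

      <div class="AUTHORGROUP">
        <!-- Empty, explicitly closed anchor: left open it would wrap the author anchor below. -->
        <a name="AEN5"></a>
        <h3 class="AUTHOR"><a name="AEN6">Hal Burgiss</a></h3>
        <div class="AFFILIATION">
          <div class="ADDRESS">
            <p class="ADDRESS"> hal@foobox.net<br>
            </p>
          </div>
        </div>
      </div>

      <p class="PUBDATE">v. 1.2, 2002-07-21<br></p>

      <!-- Revision history: one row with revision, date and reviser, followed by one row of remarks. -->
      <div class="REVHISTORY">
        <table width="100%" border="0">
          <tr>
            <th align="left" valign="top" colspan="3"><b>Revision History</b></th>
          </tr>
          <tr>
            <td align="left">Revision v. 1.2</td>
            <td align="left">2002-07-21</td>
            <td align="left">Revised by: hb</td>
          </tr>
          <tr>
            <td align="left" colspan="3">A few small additions, and fix the usual broken links.</td>
          </tr>
          <tr>
            <td align="left">Revision v. 1.1</td>
            <td align="left">2002-02-06</td>
            <td align="left">Revised by: hb</td>
          </tr>
          <tr>
            <td align="left" colspan="3">A few fixes, some additions and many touch-ups from the original.</td>
          </tr>
          <tr>
            <td align="left">Revision v. 1.0</td>
            <td align="left">2001-11-07</td>
            <td align="left">Revised by: hb</td>
          </tr>
          <tr>
            <td align="left" colspan="3">Initial Release.</td>
          </tr>
        </table>
      </div>

      <div>
        <div class="ABSTRACT">
          <!-- Empty, explicitly closed anchor marking the abstract. -->
          <a name="AEN46"></a>
          <p></p>
          <p> </p>
          <p> </p>
          <p> This document is an overview of the basic steps required to
secure a Linux installation from intrusion. It is intended to be an
introduction. This is a Red Hat specific version of this
document. </p>
          <p></p>
        </div>
      </div>
      <hr>
    </div>

    <!-- Table of contents: chapter entries in the outer list, their sections in nested lists. -->
    <div class="TOC">
      <dl>
        <dt><b>Table of Contents</b></dt>

        <dt>1. <a href="intro.html">Introduction</a></dt>
        <dd>
          <dl>
            <dt>1.1. <a href="intro.html#AEN54">Why me?</a></dt>
            <dt>1.2. <a href="intro.html#AEN92">Notes</a></dt>
            <dt>1.3. <a href="intro.html#AEN97">Copyright</a></dt>
            <dt>1.4. <a href="intro.html#AEN105">Credits</a></dt>
            <dt>1.5. <a href="intro.html#DISCLAIMER">Disclaimer</a></dt>
            <dt>1.6. <a href="intro.html#AEN124">New Versions and Changelog</a></dt>
            <dt>1.7. <a href="intro.html#AEN136">Feedback</a></dt>
          </dl>
        </dd>

        <dt>2. <a href="foreword.html">Foreword</a></dt>
        <dd>
          <dl>
            <dt>2.1. <a href="foreword.html#AEN168">The Optimum Configuration</a></dt>
            <dt>2.2. <a href="foreword.html#AEN176">Before We Start</a></dt>
          </dl>
        </dd>

        <dt>3. <a href="services.html">Step 1: Which services do we really need?</a></dt>
        <dd>
          <dl>
            <dt>3.1. <a href="services.html#AUDIT">System Audit</a></dt>
            <dt>3.2. <a href="services.html#DANGER">The Danger Zone (or r00t m3 pl34s3)</a></dt>
            <dt>3.3. <a href="services.html#STOPSERVICES">Stopping Services</a></dt>
            <dt>3.4. <a href="services.html#EXCEPTIONS">Exceptions</a></dt>
            <dt>3.5. <a href="services.html#CONCLUSIONS">Summary and Conclusions for Step 1</a></dt>
          </dl>
        </dd>

        <dt>4. <a href="updates.html">Step 2: Updating</a></dt>
        <dd>
          <dl>
            <dt>4.1. <a href="updates.html#AEN571">Summary and Conclusions for Step 2</a></dt>
          </dl>
        </dd>

        <dt>5. <a href="firewalls.html">Step 3: Firewalls and Setting Access Policies</a></dt>
        <dd>
          <dl>
            <dt>5.1. <a href="firewalls.html#STRATEGY">Strategy</a></dt>
            <dt>5.2. <a href="firewalls.html#FILTERS">Packet Filters -- Ipchains and Iptables</a></dt>
            <dt>5.3. <a href="firewalls.html#TCPWRAPPERS">Tcpwrappers (libwrap)</a></dt>
            <dt>5.4. <a href="firewalls.html#PORTSENTRY">PortSentry</a></dt>
            <dt>5.5. <a href="firewalls.html#PROXIES">Proxies</a></dt>
            <dt>5.6. <a href="firewalls.html#INDAPPS">Individual Applications</a></dt>
            <dt>5.7. <a href="firewalls.html#VERIFY">Verifying</a></dt>
            <dt>5.8. <a href="firewalls.html#LOGGING">Logging</a></dt>
            <dt>5.9. <a href="firewalls.html#WHERETOSTART">Where to Start</a></dt>
            <dt>5.10. <a href="firewalls.html#SUMMARY3">Summary and Conclusions for Step 3</a></dt>
          </dl>
        </dd>

        <dt>6. <a href="intrusion.html">Intrusion Detection</a></dt>
        <dd>
          <dl>
            <dt>6.1. <a href="intrusion.html#IDS">Intrusion Detection Systems (IDS)</a></dt>
            <dt>6.2. <a href="intrusion.html#HACKED">Have I Been Hacked?</a></dt>
            <dt>6.3. <a href="intrusion.html#RECLAIM">Reclaiming a Compromised System</a></dt>
          </dl>
        </dd>

        <dt>7. <a href="general.html">General Tips</a></dt>

        <dt>8. <a href="appendix.html">Appendix</a></dt>
        <dd>
          <dl>
            <dt>8.1. <a href="appendix.html#SERVERSETC">Servers, Ports, and Packets</a></dt>
            <dt>8.2. <a href="appendix.html#PORTS">Common Ports</a></dt>
            <dt>8.3. <a href="appendix.html#NETSTAT">Netstat Tutorial</a></dt>
            <dt>8.4. <a href="appendix.html#THREATS">Attacks and Threats</a></dt>
            <dt>8.5. <a href="appendix.html#LINKS">Links</a></dt>
            <dt>8.6. <a href="appendix.html#TEXT">Editing Text Files</a></dt>
            <dt>8.7. <a href="appendix.html#NMAP">nmap</a></dt>
            <dt>8.8. <a href="appendix.html#SYSCTL">Sysctl Options</a></dt>
            <dt>8.9. <a href="appendix.html#SECUREALT">Secure Alternatives</a></dt>
            <dt>8.10. <a href="appendix.html#PFILTERS">Ipchains and Iptables Redux</a></dt>
          </dl>
        </dd>
      </dl>
    </div>
  </div>

  <!-- Footer navigation: only the "Next" cell is populated on this first page; the other cells are spacers. -->
  <div class="NAVFOOTER">
    <hr align="left" width="100%">
    <table summary="Footer navigation table" width="100%" border="0" cellpadding="0" cellspacing="0">
      <tr>
        <td width="33%" align="left" valign="top">&nbsp;</td>
        <td width="34%" align="center" valign="top">&nbsp;</td>
        <td width="33%" align="right" valign="top"><a href="intro.html" accesskey="N">Next</a></td>
      </tr>
      <tr>
        <td width="33%" align="left" valign="top">&nbsp;</td>
        <td width="34%" align="center" valign="top">&nbsp;</td>
        <td width="33%" align="right" valign="top">Introduction</td>
      </tr>
    </table>
  </div>
</body>
</html>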