Introduction
I just found a very well-written, comprehensive article about securing RHEL 5-based servers. In case you didn't know, CentOS is a RHEL derivative. And most topics in the article apply to all Linux distributions (like world-writable directories and SELinux). The article was written by the NSA. So yarr, I don't doubt their expertise.
I've spent countless hours on securing my servers and a good portion of the time I used to investigate attack angles that I hadn't thought of.
If I had stumbled upon this article earlier, I could have saved much time and hassle googling and derping around on more than shady sites.
This isn't a traditional step-by-step guide. Take your time, read all of it, google the stuff you don't know. Pay attention to what you're doing. Back up everything before you try anything. Even better: apply changes to your dev machine first. Because rushing security-related changes to your machine tends to backfire badly. Ranging from hard-to-trace bugs to locking yourself out for good.
I figured some of you guys aren't comfortable browsing the NSA homepage, so I provided an MF mirror.
Download
NSA_RHEL_5_GUIDE_v4.2.pdf 1,09 MB
SHA-256:
Code:
3a6aff3fb3d81bccd61b191f7b11ecf221d8b7553bad96bf3e28f62d928efdd4
Conclusion
If applied correctly, this guide should protect you against most script kiddies out there.
I don't know why, but it always gives me a warm, fuzzy feeling seeing a thwarted hack attempt from yet-another-1337-h4x0r trying out his kewl Metasploit collection, giving up in frustration after fruitless hours of ballz-to-the-walls 'sploiting.
Because with this guide, even if he gains access to the machine, he should be very limited in his actions. And most of those pests give up after realising that their kewl "download and execute"-payloads just aren't working.