Re: Linux hardening

[security () surefoot com]

On Saturday 20 August 2005 09:00, AragonX <Ar> wrote:
[...some good stuff deleted...]
> The server performs the following tasks:
>
>    Web (Squirrelmail, eGroupWare, myPhpAdmin and others) and email serving
> to the internet.
>    File, print and DHCP serving to my local network.

Try and lock down any web app you have with regular apache auth - it's often 
more secure than the built-in authentication schemes offered by these apps.

> I'm looking for more preventative measures.  It appears that LIDS and
> mod_security are the only ones in that role now.  Should I jail apache?
> Would that give me any benefits over what LIDS provides?

You might want to look at libsafe too. It does work well and is one more 
roadblock for hackers.

Generally, how much you do depends on your goals. Jailing services is a good 
idea, but again it depends on how far you want to go. An external firewall 
could also help quite a bit by providing an additional layer of security, and 
if set up that way it can also alert you of unusual activity. Same goes for 
an IDS somewhere on your network of course.

J