Hardening down a Linux Server
Posted on 2005-05-11
I am running a Debian Woody 3.0 and the uname -a output is "Linux **censored** 2.4.20-021stab022.8.777-enterprise #1 SMP Fri Nov 12 10:42:02 MSK 2004 i686 unknown"
What makes Linux and Windows totally different in a sense of security is that Windows is so way easy to perform security patches and updates management through the proprietary WindowsUpdate(tm). Although Linux may have its own version of "WindowsUpdate", it's kinda hard for a beginner-level entry user to perform security updates for his/her Linux box.
Given the following scenario based on the above operating system,
how do I specifically harden down my Debian Linux server? Is there a full guide to it? I basically searched for it through Google and came up with some results, but not really detailed and satisfactory. With regard to that, how do I secure my server, which firewall software is feasible to use, allowing the admins to edit settings (iptables is kinda hard), and how do I set up a secure shell environment for my users whereby "exploits, rootkits, messing up" are not allowed and they are only allowed to do what's required and the permission given to them?
This seemed quite difficult to answer, so I am willing to give more than 500 points separately (max point here is 500). Yeah, that's about it.