hardening DMZ systems

Posted on 2011-10-18
Last Modified: 2012-05-12
Hi All,

we have to created RHEL6 VM in DMZ to serve as a blog server. Is there any website which shows how to harden DMZ linux systems. I have couple of questions on which I want suggestions

1. Patching of OS - whether I should patch it directly from internet using yum or we have internal satellite server to which I shud point this DMZ server to get patched ? any idea which ports are required to be opened if patching from rhn satellite server.

2. rpcbind and rpc.statd services are running on this server and I want to stop it as I am not using any nfs services here. So, will it create problems for any other services or https etc.

3. Is there any link wherein there is a checklists for verifying the hardening document for linux dmz servers.

We have all the network restrictions in place for

Question by:virgo0880
    LVL 3

    Accepted Solution


    Author Comment

    Thanks, I will look at the links.


    Assisted Solution

    I used benchmark document from CIS to harden the apache configuration as well as DMZ systems.

    Author Comment

    I've requested that this question be closed as follows:

    Accepted answer: 200 points for karnapune's comment http:/Q_27403366.html#36990666
    Assisted answer: 0 points for virgo0880's comment http:/Q_27403366.html#37146986

    for the following reason:

    used CIS document for hardening the system which I searched on my own.

    Author Comment

    I want to give myself 300 points instead of 0 points. kindly change the same.

    Author Comment

    Ok, thats fine.


    Featured Post

    Highfive Gives IT Their Time Back

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
    Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
    Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
    Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

    755 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now