virgo0880
asked on
hardening DMZ systems
Hi All,
we have to created RHEL6 VM in DMZ to serve as a blog server. Is there any website which shows how to harden DMZ linux systems. I have couple of questions on which I want suggestions
1. Patching of OS - whether I should patch it directly from internet using yum or we have internal satellite server to which I shud point this DMZ server to get patched ? any idea which ports are required to be opened if patching from rhn satellite server.
2. rpcbind and rpc.statd services are running on this server and I want to stop it as I am not using any nfs services here. So, will it create problems for any other services running..like..ssh or https etc.
3. Is there any link wherein there is a checklists for verifying the hardening document for linux dmz servers.
We have all the network restrictions in place for this..fyi...
Thanks
virgo
we have to created RHEL6 VM in DMZ to serve as a blog server. Is there any website which shows how to harden DMZ linux systems. I have couple of questions on which I want suggestions
1. Patching of OS - whether I should patch it directly from internet using yum or we have internal satellite server to which I shud point this DMZ server to get patched ? any idea which ports are required to be opened if patching from rhn satellite server.
2. rpcbind and rpc.statd services are running on this server and I want to stop it as I am not using any nfs services here. So, will it create problems for any other services running..like..ssh or https etc.
3. Is there any link wherein there is a checklists for verifying the hardening document for linux dmz servers.
We have all the network restrictions in place for this..fyi...
Thanks
virgo
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I've requested that this question be closed as follows:
Accepted answer: 200 points for karnapune's comment http:/Q_27403366.html#36990666
Assisted answer: 0 points for virgo0880's comment http:/Q_27403366.html#37146986
for the following reason:
used CIS document for hardening the system which I searched on my own.
Accepted answer: 200 points for karnapune's comment http:/Q_27403366.html#36990666
Assisted answer: 0 points for virgo0880's comment http:/Q_27403366.html#37146986
for the following reason:
used CIS document for hardening the system which I searched on my own.
ASKER
I want to give myself 300 points instead of 0 points. kindly change the same.
ASKER
Ok, thats fine.
thanks
thanks
ASKER
virgo