{"id":97,"date":"2006-04-15T09:09:42","date_gmt":"2006-04-15T09:09:42","guid":{"rendered":"https:\/\/www.darknet.org.uk\/2006\/04\/some-good-tips-to-secure-linux\/"},"modified":"2010-06-21T17:42:48","modified_gmt":"2010-06-21T16:42:48","slug":"some-good-tips-to-secure-linux","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2006\/04\/some-good-tips-to-secure-linux\/","title":{"rendered":"Some Good Tips to Secure Linux"},"content":{"rendered":"
<\/p>\n
I came across this while browsing; it has some pretty solid stuff and goes deeper than most basic Linux security guides.<\/p>\n
It has some good sections like this on protection against fork bombs:<\/p>\n
Fork bombs are programs that keep creating child processes until system resources are all used. They actually aren’t remote exploits because they require a local user to execute the bomb; however, users may be tricked into running a fork bomb. For example, the following may look innocent, but running it on an unprotected system may take the whole system down:<\/p>\n
:( ){ : |:& }; :<\/code><\/p>\n
WARNING: do NOT run the above code on an unprotected system!<\/em><\/p>\n
The above shell script will actually keep forking at an exponential rate until system resources are exhausted.<\/p>\n
To protect a system against such attacks, there is a file for limiting the number of processes for each user: \/etc\/security\/limits.conf. Add the following two lines to it:
\n@users soft nproc 100
\n@users hard nproc 150<\/p>\nThe lines prevent anyone in the users group from having more than 150 processes, and issue a warning at 100 processes.<\/p>\n
Your system may not have a users group, so you may need to edit the lines to suit your needs.<\/p><\/blockquote>\n
There are some other things you can do, like using a file integrity checker, installing a log checker or centralising logs with something like syslog-ng, scanning for SUID files on a regular basis, setting up alerts if a new user is added and so on, but this gives you a start.<\/p>\n
It has some security tips for OpenSSH, Samba and MySQL too.<\/p>\n
I recommend taking a look anyway!<\/p>\n
<\/p>\n