|This message is part of the following thread:|
|the complete thread tree sorted by date|
1. install linux on a minimum (core linux only) and remove the services that you don't need like nis,ftp, etc. 2. set the firewall into maximum. 3. Put no login in /etc/hosts.allow to filter incoming packets 4. update the newly installed daemons like open-ssl, etc. 5. compile/install new kernel. 6. Modify /etc/lilo.conf and add the following: time-out=00 #add this line and change this it to whatever shortest delay you want. restricted #add this line password=<yourlilopassword> chmod 600 /etc/lilo.conf chattr +i /etc/lilo.conf 7. Delete all special users and groups accounts like uucp, shutdown, halt, etc. 8. Change the PASS_MIN_LEN to "8" instead of "5" in /etc/login.defs 9. Add TMOUT=3600 in the /etc/profile 10. Comment out unusable services and ports (like telnet, talk) in /etc/services chmod 600 /etc/services chattr +i /etc/services 11. Disable all console-equivalent access for regular users. 12. Only allow root to execute services in /etc/rc.d/init.d and imunize the files. 13. Modify /etc/host.conf and add "nospoof on" 14. Disable CTRL_ALT_DEL in /etc/inittab. 15. Hide your system information like kernel version, and hostname during login. 16. Disable direct "root" login. Instead, use "su" or "sudoers". 17. Disable unused SUID/SGID programs. 18. Create a new set of ipchains/iptables policy and up it last in startup. 19. compile/install the packages that Mailacon will required from us. 20. Install nmap and snort to check/monitor for the open ports.