I've been working with Unix (Solaris) and now I'm in charge of securing several Red Hat Linux 8 servers. Besides...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
the Red Hat literature, are there other good resources for information about my new task? Are there any common mistakes people make in securing Linux servers that I should know about? Check out the hardening how-tos in this section: http://www.linux-sec.net/Harden/howto.gwif.html, brought to you by the people at http://www.Linux-Sec.net.
There is a ton of good stuff out there, including PDFs from SIAC specific to Linux security. Books are also a good resource. Check out this book on securing Red Hat Linux systems:
Read up some on the Bastille Project (http://www.bastille-linux.org/). The Bastille Hardening System hardens Linux and Unix operating systems. It supports the Red Hat, Debian, Mandrake, SuSE and other flavors in addition to most Unix distributions. The project itself is run by Jon Lasser.
Regarding mistakes people make, I would say the biggest mistake would be not properly backing up your systems before undertaking a major hardening effort. If something goes wrong and you need to revert back to a previous release, you must be diligent about this. You also need to make sure you do not work in a vacuum. Tightening up your systems only a little bit might mean your applications will not work anymore. You have to bring your applications team in the process and make sure any changes to the systems are carefully planned and tested. Certain directories might need certain permissions for the application to work properly. You may also be getting rid of logins that you don't think are being used, but in actuality really are. It sounds simplistic, but make sure your ports are not being used before commenting them out!
Another big mistake is making wholesale changes. Implement your hardening plan carefully and strategically. If you make more than one change, and something doesn't work, there is no way of knowing what broke it. Careful change management will also help your process.
Dig Deeper on Linux servers
Related Q&A from Kenneth Milberg
Need a PaaS platform with strong production support? Explore production support and SLAs of AWS Elastic Beanstalk, IBM Bluemix, Google App Engine and...continue reading
When you move to PaaS for your web-based apps, remember to think about database services. Consider the benefits of moving your database to a fully ...continue reading
Making sure that your PaaS offering and the web development framework of your choice agree can be tricky. Learn how to choose the best framework for ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.