How to restore Linux with Tar. How To Harden a Linux or OpenBSD Installation. Hardening Linux and OpenBSD Many of these work on both Linux and OpenBSD.
Some are only relevant on Linux. Suggestions here are divided into: There are no guarantees for what you find here here. Remember that security and convenience are usually inversely proportional. Before you start Green — everyoneMake sure that you have rescue media available.Especially before continuing with these suggestions. Linux — try the Knoppix rescue media, or use your install media and choose its rescue option. Update your kernel and applications Update the kernel, applications, and shared libraries Green — everyoneMake sure that you apply all security updates! Red Hat, Fedora, CentOS, and other Red Hat derivatives: # yum upgrade Debian, Ubuntu, Knoppix, and other Debian derivatives: # apt-get update # apt-get dist-upgrade Mageia: # urpmi.update -a # urpmi --auto-select OpenBSD: # pkg_add -u Also see my page on how to patch and rebuild the OpenBSD kernel.
Harden the kernel's TCP/IP stack Green — everyone. Linux Security: Securing and Hardening Linux Production Systems (Linux Security Cookbook / HOWTO / Guide) Securing and Hardening Red Hat Linux Production Systems A Practical Guide to Basic Linux Security in Production Enterprise Environments Written by Werner Puschitz www.puschitz.com This article is a practical step-by-step guide for securing Linux production systems.
It discusses basic Linux Security requirements for systems that need to pass various audits in an enterprise environment. Focus of this Article This Linux Security HOWTO is intended for a technical audience, Linux system administrators, and security people in corporations and organizations that have to use commercial Linux distributions for their production environment. The steps in this guide have been tested on RHEL 3 and 4. Feedback This document comes without warranty of any kind. Contents General Physical Security Physical security should be of the utmost concern. Center for Information Technology Policy » Lest We Remember: Cold Boot Attacks on Encryption Keys.
FTP. Compression. Connect To Your Home PCs From Anywhere With DynDNS. Have you ever found yourself at a friend’s house, wishing you could access the music on your computer?
Or maybe you wish it was easier to connect to your VNC share from web cafes or your office? Maybe you’ve even tried writing down your IP address before leaving home specifically so you could connect? The main problem with that approach is that most ISPs change your IP on a regular basis. Some ISPs will give you a static IP – typically for a monthly premium – and such an IP can give you access from anywhere. Alternatively, you can use DynDNS. And if you just want one URL, it’s a free service.
How Free Dynamic DNS Works Here’s the deal: you get an account at DynDNS, which provides you with a free URL. Once everything is set up you’ll be able to access your home network from anywhere, using the URL provided to you by DynDNS. Getting Started Setting up DynDNS is easy. Once your account is set up you’ll have a username and password you can use in order to use the service.
SYNC: Mac-Linux. Mac OSX. Linux.