Securing a Red Hat Linux 6.2 machine (Basics)
by bokuden

Introduction

This article covers the basics of making a fresh Red Hat install more or less secure before putting it on the internet. Remember that all of this work should be done before the box is put online, as machines can be rooted within minutes of being on the net.

Setting basic file permissions

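Set more restrictive permissions on /root and /var/log if they aren't already in place, disable core dumps for the current shell (ulimit -c 0), and create the commonly abused files /root/.rhosts, /root/.netrc and /etc/hosts.equiv as empty files with all permissions removed.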

chmod -R og-rx /root
chmod -R o-rx /var/log
ulimit -c 0
/bin/touch /root/.rhosts /root/.netrc /etc/hosts.equiv
/bin/chmod 0 /root/.rhosts /root/.netrc /etc/hosts.equiv

Shut down services

I find that the easiest way for most people to shut down unwanted services is the Linux administrative tool called linuxconf. Linuxconf comes packaged with Red Hat; install the rpm if you don't already have it.

Run linuxconf and go to Control, Control panel, then Control service activity. From here you can both shut down services that are currently running and prevent them from starting at boot in the future. Use your own discretion here: if you don't need to be running sendmail, nfs, etc., don't run them. If you don't know what some of the services are, chances are you don't need to be running them, and you should shut them down.

Edit inetd.conf

The file /etc/inetd.conf is the configuration file for the daemon inetd, which is the basic internet service daemon in Linux. Open this file in a text editor, such as pico, joe, or vi, and comment out (put a # at the start of the line for) services that you don't need to be running. For example, I shut off telnet, ftp, and finger. Once you are done editing this file to your needs, either reboot your machine or restart inetd by sending a kill -HUP signal to the pid of inetd.
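
The edit described above can also be scripted and checked. The following is an added example, not part of the original article: the function names are hypothetical and the sample file is constructed in the usual inetd.conf layout. It comments out the named services in a copy of the file and lists what inetd would still offer afterwards.

```sh
#!/bin/sh
# Added example: audit and disable services in an inetd.conf-style file.
# Function names are hypothetical; the sample data below is constructed.

# Print the service name (field 1) of every active (uncommented) entry.
inetd_enabled() {
    awk '!/^[ \t]*#/ && NF >= 6 { print $1 }' "$1"
}

# Comment out the named services in file $1 (remaining args are names).
# The result goes to stdout, so the original file is left untouched.
inetd_disable() {
    file=$1; shift
    awk -v list="$*" '
        BEGIN { n = split(list, a, " "); for (i = 1; i <= n; i++) off[a[i]] = 1 }
        !/^[ \t]*#/ && NF >= 6 && ($1 in off) { print "#" $0; next }
        { print }
    ' "$file"
}

# Constructed sample: three services to disable, one already commented
# out, and one that stays enabled.
make_sample() {
    cat <<'EOF'
# <service> <sock_type> <proto> <flags> <user> <server_path> <args>
ftp     stream  tcp  nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp  nowait  root    /usr/sbin/tcpd  in.telnetd
finger  stream  tcp  nowait  nobody  /usr/sbin/tcpd  in.fingerd
#shell  stream  tcp  nowait  root    /usr/sbin/tcpd  in.rshd
auth    stream  tcp  wait    root    /usr/sbin/in.identd in.identd
EOF
}

# Disable telnet, ftp and finger in a scratch copy, then list what is left.
demo() {
    tmp=$(mktemp) || return 1
    make_sample > "$tmp"
    inetd_disable "$tmp" telnet ftp finger > "$tmp.new"
    inetd_enabled "$tmp.new"
    rm -f "$tmp" "$tmp.new"
}

demo
```

On a real system, review the output of inetd_disable before copying it over /etc/inetd.conf, then send inetd the HUP signal as described above.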

Remove un-needed system users

If you take the time to look at your /etc/passwd file, you will see that there are a lot of users on your system that don't really need to be there. Examples: games, guest, etc. Remove these users with the "userdel -r username" command, or use linuxconf's user manager feature.

Run a basic firewall

Red Hat comes with a firewall utility called ipchains, which can filter and redirect packets for you. Add these rules to /etc/rc.d/rc.local to provide you with basic security and logging.

 
