Can anybody recommend the top 10 things they would do for security to a mandrake linux box that is going to be used as a production web server. :confused:

i dunno.

other people here might.

also linuxsecurity.com is pretty good.

there's prolly a howto or other documention on doing security on your drive somewhere.

just outta curiosity why mandrake though? why not one of the more slimmed-down distros? seems to me you'd be more concerned about speed, and configuring apache or the like, than pretty GUI interfaces and 6000 programs you don't need.

http://www.linuxdoc.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3/index.html (http://www.linuxdoc.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3/index.html)It's gearded toward Redhat, but since Mandrake is a Redhat derivitive, it should work for you. Read some of the other networking guides (http://www.linuxdoc.org/guides.html) at linuxdoc.org as well.

Originally posted by VSHarris:
<STRONG>Can anybody recommend the top 10 things they would do for security to a mandrake linux box that is going to be used as a production web server. :confused:</STRONG>

1. Install Debian.

2. Hunt down and punish everyone who has ever used the words "Mandrake" and "production web server" in the same sentence.

There... I still have 8 left over! Securing a Redhat-based system is basically a contradiction in terms. Yes, it can be done, but only a masochist would want to if he knew other options were available. Better options than *Redhat would include, in this order:

1. Anything.

1. Check to see what ports you have open.
2. Close the ones you don't need.
3. Read-up on iptable.
4. Make a iptables script.
5. Install logcheck.
6. Install tripwire.
7. Make sure software is up to date.
8. Get rid of telnet (use ssh instead)
9. Read your logfiles.
10. Setup a backup plan.