<HTML ><HEAD ><TITLE >Security Quick-Start HOWTO for Red Hat Linux</TITLE ><META NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+ "><LINK REL="NEXT" TITLE="Introduction" HREF="intro.html"><META NAME="KEYWORD" CONTENT="Secure"><META NAME="KEYWORD" CONTENT="Security"><META NAME="KEYWORD" CONTENT="Services"><META NAME="KEYWORD" CONTENT="Firewall"><META NAME="KEYWORD" CONTENT="Intrusion"><META NAME="KEYWORD" CONTENT="Hacker"><META NAME="KEYWORD" CONTENT="Hacked"><META NAME="KEYWORD" CONTENT="Cracker"><META NAME="KEYWORD" CONTENT="Cracked"><META NAME="KEYWORD" CONTENT="owned"><META NAME="KEYWORD" CONTENT="Firewall"><META NAME="KEYWORD" CONTENT="ipchains"><META NAME="KEYWORD" CONTENT="iptables"><META NAME="KEYWORD" CONTENT="tcpwrappers"><META NAME="KEYWORD" CONTENT="portsentry"><META NAME="KEYWORD" CONTENT="virus"><META NAME="KEYWORD" CONTENT="trojan"></HEAD ><BODY CLASS="ARTICLE" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#840084" ALINK="#0000FF" ><DIV CLASS="ARTICLE" ><DIV CLASS="TITLEPAGE" ><H1 CLASS="TITLE" ><A NAME="AEN2">Security Quick-Start HOWTO for Red Hat Linux</H1 ><DIV CLASS="AUTHORGROUP" ><A NAME="AEN5"><H3 CLASS="AUTHOR" ><A NAME="AEN6" >Hal Burgiss</A ></H3 ><DIV CLASS="AFFILIATION" ><DIV CLASS="ADDRESS" ><P CLASS="ADDRESS" > hal@foobox.net<br> </P ></DIV ></DIV ></DIV ><P CLASS="PUBDATE" >v. 1.2, 2002-07-21<BR></P ><DIV CLASS="REVHISTORY" ><TABLE WIDTH="100%" BORDER="0" ><TR ><TH ALIGN="LEFT" VALIGN="TOP" COLSPAN="3" ><B >Revision History</B ></TH ></TR ><TR ><TD ALIGN="LEFT" >Revision v. 1.2</TD ><TD ALIGN="LEFT" >2002-07-21</TD ><TD ALIGN="LEFT" >Revised by: hb</TD ></TR ><TR ><TD ALIGN="LEFT" COLSPAN="3" >A few small additions, and fix the usual broken links.</TD ></TR ><TR ><TD ALIGN="LEFT" >Revision v. 
1.1</TD ><TD ALIGN="LEFT" >2002-02-06</TD ><TD ALIGN="LEFT" >Revised by: hb</TD ></TR ><TR ><TD ALIGN="LEFT" COLSPAN="3" >A few fixes, some additions and many touch-ups from the original.</TD ></TR ><TR ><TD ALIGN="LEFT" >Revision v. 1.0</TD ><TD ALIGN="LEFT" >2001-11-07</TD ><TD ALIGN="LEFT" >Revised by: hb</TD ></TR ><TR ><TD ALIGN="LEFT" COLSPAN="3" >Initial Release.</TD ></TR ></TABLE ></DIV ><DIV ><DIV CLASS="ABSTRACT" ><A NAME="AEN46"><P ></P ><P > </P ><P > </P ><P > This document is an overview of the basic steps required to secure a Linux installation from intrusion. It is intended to be an introduction. This is a Red Hat specific version of this document. </P ><P ></P ></DIV ></DIV ><HR></DIV ><DIV CLASS="TOC" ><DL ><DT ><B >Table of Contents</B ></DT ><DT >1. <A HREF="intro.html" >Introduction</A ></DT ><DD ><DL ><DT >1.1. <A HREF="intro.html#AEN54" >Why me?</A ></DT ><DT >1.2. <A HREF="intro.html#AEN92" >Notes</A ></DT ><DT >1.3. <A HREF="intro.html#AEN97" >Copyright</A ></DT ><DT >1.4. <A HREF="intro.html#AEN105" >Credits</A ></DT ><DT >1.5. <A HREF="intro.html#DISCLAIMER" >Disclaimer</A ></DT ><DT >1.6. <A HREF="intro.html#AEN124" >New Versions and Changelog</A ></DT ><DT >1.7. <A HREF="intro.html#AEN136" >Feedback</A ></DT ></DL ></DD ><DT >2. <A HREF="foreword.html" >Foreword</A ></DT ><DD ><DL ><DT >2.1. <A HREF="foreword.html#AEN168" >The Optimum Configuration</A ></DT ><DT >2.2. <A HREF="foreword.html#AEN176" >Before We Start</A ></DT ></DL ></DD ><DT >3. <A HREF="services.html" >Step 1: Which services do we really need?</A ></DT ><DD ><DL ><DT >3.1. <A HREF="services.html#AUDIT" >System Audit</A ></DT ><DT >3.2. <A HREF="services.html#DANGER" >The Danger Zone (or r00t m3 pl34s3)</A ></DT ><DT >3.3. <A HREF="services.html#STOPSERVICES" >Stopping Services</A ></DT ><DT >3.4. <A HREF="services.html#EXCEPTIONS" >Exceptions</A ></DT ><DT >3.5. <A HREF="services.html#CONCLUSIONS" >Summary and Conclusions for Step 1</A ></DT ></DL ></DD ><DT >4. 
<A HREF="updates.html" >Step 2: Updating</A ></DT ><DD ><DL ><DT >4.1. <A HREF="updates.html#AEN571" >Summary and Conclusions for Step 2</A ></DT ></DL ></DD ><DT >5. <A HREF="firewalls.html" >Step 3: Firewalls and Setting Access Policies</A ></DT ><DD ><DL ><DT >5.1. <A HREF="firewalls.html#STRATEGY" >Strategy</A ></DT ><DT >5.2. <A HREF="firewalls.html#FILTERS" >Packet Filters -- Ipchains and Iptables</A ></DT ><DT >5.3. <A HREF="firewalls.html#TCPWRAPPERS" >Tcpwrappers (libwrap)</A ></DT ><DT >5.4. <A HREF="firewalls.html#PORTSENTRY" >PortSentry</A ></DT ><DT >5.5. <A HREF="firewalls.html#PROXIES" >Proxies</A ></DT ><DT >5.6. <A HREF="firewalls.html#INDAPPS" >Individual Applications</A ></DT ><DT >5.7. <A HREF="firewalls.html#VERIFY" >Verifying</A ></DT ><DT >5.8. <A HREF="firewalls.html#LOGGING" >Logging</A ></DT ><DT >5.9. <A HREF="firewalls.html#WHERETOSTART" >Where to Start</A ></DT ><DT >5.10. <A HREF="firewalls.html#SUMMARY3" >Summary and Conclusions for Step 3</A ></DT ></DL ></DD ><DT >6. <A HREF="intrusion.html" >Intrusion Detection</A ></DT ><DD ><DL ><DT >6.1. <A HREF="intrusion.html#IDS" >Intrusion Detection Systems (IDS)</A ></DT ><DT >6.2. <A HREF="intrusion.html#HACKED" >Have I Been Hacked?</A ></DT ><DT >6.3. <A HREF="intrusion.html#RECLAIM" >Reclaiming a Compromised System</A ></DT ></DL ></DD ><DT >7. <A HREF="general.html" >General Tips</A ></DT ><DT >8. <A HREF="appendix.html" >Appendix</A ></DT ><DD ><DL ><DT >8.1. <A HREF="appendix.html#SERVERSETC" >Servers, Ports, and Packets</A ></DT ><DT >8.2. <A HREF="appendix.html#PORTS" >Common Ports</A ></DT ><DT >8.3. <A HREF="appendix.html#NETSTAT" >Netstat Tutorial</A ></DT ><DT >8.4. <A HREF="appendix.html#THREATS" >Attacks and Threats</A ></DT ><DT >8.5. <A HREF="appendix.html#LINKS" >Links</A ></DT ><DT >8.6. <A HREF="appendix.html#TEXT" >Editing Text Files</A ></DT ><DT >8.7. <A HREF="appendix.html#NMAP" >nmap</A ></DT ><DT >8.8. 
<A HREF="appendix.html#SYSCTL" >Sysctl Options</A ></DT ><DT >8.9. <A HREF="appendix.html#SECUREALT" >Secure Alternatives</A ></DT ><DT >8.10. <A HREF="appendix.html#PFILTERS" >Ipchains and Iptables Redux</A ></DT ></DL ></DD ></DL ></DIV ></DIV ></BODY ></HTML >