[PLUG] [off topic security]

Mike Neal miken at hotsushi.com
Mon Oct 22 23:13:20 UTC 2007


Avoid version x.uh-oh and use a mature distribution like openSUSE 
where the x.3 is the usual candidate and 10.3 just came out.

Check the openSUSE mail lists for any threads on user problems with 
the recent release and patches.

Download and burn a CDs or a DVD with 10.3

Partition a non-networked, non-production server and install 10.3

Play, follow your curiosity and learn.

Try various install scenarios and finally, do a custom install with 
only the necessary packages.

Backup to a USB drive or CD if you're broke.

Connect to the network and then to the Internet through a firewall.

Configure the firewall to only use ports for services which you choose.

Configure the firewall to use NAT and DHCP.

Install appropriate patches and upgrades.

Backup.

Look at the serverwith nmap and Nessus.

Join CRIME:
http://crime.whiteknighthackers.com/


and read PLUG, Google news, a Google alert for "Linux", Bruce Schneier:
http://www.schneier.com/crypto-gram.html

others:
http://seclists.org/

and your distribution's security mail list.

Use strong passwords.

Wish I did more than a few of the above!

Cheers,
Mike




More information about the PLUG mailing list