[Tfug] securing ubuntu server

Matthew T. Eskes meskes at gmail.com
Tue Sep 23 13:04:26 MST 2008


Jeff, honestly, for a server, I would personally think that something like
Vanilla Debian would be a better option for you since it only installs a
minimal system if you use something like the Business Card or net install
CD. The reason I say something like this is that going this route you will
only install the software you need and not all the extra cruft that Ubuntu
installs. Don’t get me wrong, I like Ubuntu I just doing think its
necessarily the “right” choice for a server install. Being a Gentoo guy, you
know very well what a minimal install gets you
. The most flexibility for
only the things you NEED and nothing extra. Now I must admit that I
personally don’t know much about Ubuntu on the server and I really am going
with experiences from the past and various other distros, Gentoo included.
Another thing you forgot really is just locking down the system with
iptables I guess. I’m sure the others here will be more than happy to throw
in their suggestions as well.


Matt

-- The Founding Fathers struggled for the principle that man could and
should be trusted with his own destiny. Our current /domestic/ enemies,
against whom those Americans in uniform are sworn to defend, do not believe
in this principle, but we have again won a round in the endless fight
against them.
   
   -- Jeff Cooper on the assault weapons ban ending 
________________________________________
From: tfug-bounces at tfug.org [mailto:tfug-bounces at tfug.org] On Behalf Of
Jeffrey Clark
Sent: Tuesday, September 23, 2008 11:36 AM
To: Tucson Free Unix Group
Subject: [Tfug] securing ubuntu server

hey everyone,

i just joined this list so figured i'd start out with a topic that will
hopefully generate some insightful comments.  i'm a gentoo guy (am i the
only one?) and i'm having to configure my first ubuntu server at work.  i've
got 8.04.1 up and running.  i'd really like to trim it down some and make it
more secure.  i know the basics--restrict ssh access, check for rootkits,
modify su permissions, etc.  where do i go from there?

sincerely,
jeff





More information about the tfug mailing list