You are not logged in.

#1 2004-04-30 23:05:29

beniro
Member
From: St. Petersburg, FL, USA
Registered: 2002-12-31
Posts: 312

Securing my Arch Linux post-install...?????????

Hello.  I was wondering about something that I haven't seen touched on much here in the forums:  Post-Install Security Measures for my Arch Linux.

So, here's the question:  What should I do/install/configure after my Arch Linux initial install to make it nice and secure?  I know there are many levels of security, but what can I do beyond the base config to get my box really tight...that didn't sound right...  smile

How can I secure my Arch Linux install?  What measures should I take?

Thanks in advance!

Offline

#2 2004-05-01 01:16:13

xerxes2
Member
From: Malmoe, Sweden
Registered: 2004-04-23
Posts: 1,249
Website

Re: Securing my Arch Linux post-install...?????????

pacman -A archallinonehackerstayoutofmybox

lol


arch + gentoo + initng + python = enlisy

Offline

#3 2004-05-01 01:41:54

kakabaratruskia
Member
From: Santiago, Chile
Registered: 2003-08-24
Posts: 596

Re: Securing my Arch Linux post-install...?????????

you could make a little firewall script for iptables. I use one currently (not really secure), but I also share my inet conection. If you find some good manual for making a firewall script, maybe you could adapt it to arch (/rc.d), and include it in the wiki. It's only a suggestion  big_smile


And where were all the sportsmen who always pulled you though?
They're all resting down in Cornwall
writing up their memoirs for a paper-back edition
of the Boy Scout Manual.

Offline

#4 2004-05-01 02:13:08

Xentac
Forum Fellow
From: Victoria, BC
Registered: 2003-01-17
Posts: 1,797
Website

Re: Securing my Arch Linux post-install...?????????

I'd venture to say that a base install of arch is very secure.  No unnecessary services running, no unnecessary packages even.  It gets less secure the more stuff you put on it...


I have discovered that all of mans unhappiness derives from only one source, not being able to sit quietly in a room
- Blaise Pascal

Offline

#5 2004-05-01 12:37:59

Mork II
Member
From: Visby, Sweden
Registered: 2003-05-14
Posts: 87

Re: Securing my Arch Linux post-install...?????????

- Set up a firewall, look here and here for examples.

- Make sure you do not have any unecessary services running. Arch is great with this since it doesn't start crap without you asking for it. If you have no other services running than xinetd you can safely disable it.

- Install aide and create a intrusion detection database. Update this regularly.

- Do backups. No really, do regular backups of /etc, /var/log, your AIDE-database, important files.

- Run a fresh install of chkrootkit once in a while.

Offline

#6 2004-05-01 15:11:18

beniro
Member
From: St. Petersburg, FL, USA
Registered: 2002-12-31
Posts: 312

Re: Securing my Arch Linux post-install...?????????

I'll look into iptables, etc.  Thanks.  smile

Offline

#7 2004-05-02 22:47:11

farphel
Forum Fellow
From: New Hampshire - USA
Registered: 2003-09-18
Posts: 250
Website

Re: Securing my Arch Linux post-install...?????????

Set a strong root password immediatly on your first reboot after the install.


Follow the link below, sign up, and accept one promotional offer.  If I can get five suckers (err... friends) to do this, I'll get a free iPod.  Then you too can try to get a free iPod. Thanks! http://www.freeiPods.com/?r=11363142

Offline

#8 2004-05-03 02:16:43

kakabaratruskia
Member
From: Santiago, Chile
Registered: 2003-08-24
Posts: 596

Re: Securing my Arch Linux post-install...?????????

you can use "john the ripper" (pacman -S john) to see if you're password is weak. You can also run nmap, and nessus to catch any open ports and possible vulnerabilities in your system.


And where were all the sportsmen who always pulled you though?
They're all resting down in Cornwall
writing up their memoirs for a paper-back edition
of the Boy Scout Manual.

Offline

Board footer

Powered by FluxBB