Hello. I was wondering about something that I haven't seen touched on much here in the forums: Post-Install Security Measures for my Arch Linux.
So, here's the question: What should I do/install/configure after my Arch Linux initial install to make it nice and secure? I know there are many levels of security, but what can I do beyond the base config to get my box really tight...that didn't sound right...
How can I secure my Arch Linux install? What measures should I take?
Thanks in advance!
Offline
pacman -A archallinonehackerstayoutofmybox
arch + gentoo + initng + python = enlisy
Offline
You could make a little firewall script for iptables. I use one currently (not really secure), but I also share my inet connection. If you find a good manual for making a firewall script, maybe you could adapt it to Arch (/rc.d), and include it in the wiki. It's only a suggestion.
And where were all the sportsmen who always pulled you though?
They're all resting down in Cornwall
writing up their memoirs for a paper-back edition
of the Boy Scout Manual.
Offline
I'd venture to say that a base install of arch is very secure. No unnecessary services running, no unnecessary packages even. It gets less secure the more stuff you put on it...
I have discovered that all of mans unhappiness derives from only one source, not being able to sit quietly in a room
- Blaise Pascal
Offline
- Set up a firewall, look here and here for examples.
- Make sure you do not have any unnecessary services running. Arch is great with this since it doesn't start crap without you asking for it. If you have no other services running than xinetd you can safely disable it.
- Install aide and create an intrusion detection database. Update this regularly.
- Do backups. No really, do regular backups of /etc, /var/log, your AIDE-database, important files.
- Run a fresh install of chkrootkit once in a while.
Offline
I'll look into iptables, etc. Thanks.
Offline
Set a strong root password immediately on your first reboot after the install.
Offline
You can use "john the ripper" (pacman -S john) to see if your password is weak. You can also run nmap and nessus to catch any open ports and possible vulnerabilities in your system.
Offline
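The "no unnecessary services" and "catch any open ports" advice above can be checked from the box itself. This is an added example, not code from any poster in the thread: it reads `ss -H -tln` output (iproute2) and lists TCP listeners that are reachable from other hosts and not on an allowlist. The allowlist (SSH only), the function names and the sample lines are assumptions made for the example.

```shell
#!/bin/sh
# Added example: flag TCP listeners that other hosts can reach.
# Expected input: lines from `ss -H -tln`, whose columns are
#   State Recv-Q Send-Q Local-Address:Port Peer-Address:Port

# Ports you intend to expose (assumption for this example: SSH only).
ALLOWED_PORTS="22"

# Constructed sample input, so the example runs without touching the host.
sample_ss_output() {
cat <<'EOF'
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 127.0.0.1:631 0.0.0.0:*
LISTEN 0 64 0.0.0.0:111 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 50 [::1]:25 [::]:*
LISTEN 0 10 *:6000 *:*
EOF
}

# Reads ss lines on stdin and prints "address port" for every listener
# that is not loopback-only and whose port is not in ALLOWED_PORTS.
audit_listeners() {
  awk -v allowed="$ALLOWED_PORTS" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 == "LISTEN" {
      la = $4
      # Port is the text after the last colon; the address precedes it.
      port = la; sub(/.*:/, "", port)
      addr = substr(la, 1, length(la) - length(port) - 1)
      # Loopback-only listeners are not reachable from the network.
      if (addr ~ /^127\./ || addr == "[::1]") next
      if (!(port in ok)) print addr, port
    }'
}

# Demo on the constructed sample; on a real system run:
#   ss -H -tln | audit_listeners
sample_ss_output | audit_listeners
```

Anything it prints is a service to either stop or block in the firewall; an empty result means only allowlisted ports are exposed over TCP.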