Introduction
Many of the risks the company’s servers will face are made possible by compromising security for convenience, and allowing vulnerabilities to exist such as introducing the web server to a source of malware, creating a spam-sending relay, a web or TCP proxy, or other malicious activity. This is why the OS should constantly be patched with security updates, and the server should have the recommended security configurations in place to ensure system hardening.
Below I will run down some of the vulnerabilities I know to be the most overlooked and biggest gaps in system hardening.
Web Server
System Patches
Most Linux systems allow the use of a package manager, much like Windows Update. In Linux, this is refered to as “rpm” or RedHat Package Manager, “apt/dpkg” or Debian Package Manager, or simply “YUM” or Yellowdog. These allow a system manager to update specific software individually utilizing commands starting with these; you can always utilize the vendor’s proprietary tools. With RedHat, you are given some good support options through the RedHat network that will ensure the RedHat servers are managed proficiently. With this option, the system administrator should get used to utilizing the “up2date” command, this command will automatically resolve any dependenciy issues. The Debian package system will resolve any dependency problems, rather than simply report on them (as the rpm system does).
For details on the apt command, which is used to load Debian packages, see: http://www.debian.org/doc/manuals/users-guide/ch-iraus.en.html
For information on RedHat Network services, visit:
https://rhn.redhat.com/rhn/help/quickstart.jsp.
RHN services are generally free for the first 90 days after installation, after which the company must purchase entitlements to continue.
Information Leakage
Another important, albeit trivial changes that should be completed on any new Linux machine is to disable any information leakage that is occurring on...