<br><br><div class="gmail_quote">On Thu, Oct 22, 2009 at 2:48 AM, Matt Wheeler <span dir="ltr"><<a href="mailto:m@funkyhat.org">m@funkyhat.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
2009/10/21 Peter Adam Kelly <<a href="mailto:peter@thatwilldo.com">peter@thatwilldo.com</a>>:<br>
<div class="im">> Thanks loads for the info,<br>
><br>
> I am brushing up on my knowledge of network security, I have some Ubuntu<br>
> dedicated and VPS servers and of course I want them as strong as can be, any<br>
> more links or info would be appreciated.<br>
><br>
> Cheers<br></div></blockquote></div><br>A couple of other pointers - if running PHP consider using the suhosin patch - and for other public facing servers test their vulnerability using Nessus/Nikto etc (I believe this has recently been mentioned in another post of the list - although it might have been a different list).<br>
<br>You might also want to consider routing syslogs to another box. That way, if a machine is compromised, the logs are not at as much risk.<br><br>Needless to say, only permit traffic to hosts from the boxes that need access - not so good for webservers, but if you're running private webservers it's often possible to only permit access to these from hosts that you "approve of".<br>
<br>If possible, only permit key based login using SSH as well - this will completely remove the risk of password based attacks....<br><br>Hope this helps<br>