[unisog] Linux OS Hardening Guidelines

Duksta, John C. John_Duksta at brown.edu
Thu Oct 12 18:04:24 GMT 2006

On 10/11/06 7:55 PM, "Tim Lane" <tlane at scu.edu.au> wrote:

>> Hi,
>> I am looking for relatively high level 'checklist' style guidelines for Linux
>> (and variants) OS hardening.  I envisage a 1-2 page checklist of principles
>> plus some specific more technical recommendations.
>> Would anyone have this sort of guideline documented that they would be able
>> to 
>> forward to me?


An excellent tool for hardening Linux (and other Un*x) systems is Bastille
Linux[1]. It walks you through a checklist of items to harden and will make
the appropriate changes for you.

Here's[2] a *very* high level checklist for RHEL

Here's[3] a more thorough checklist released by AusCERT and CERT/CC

[1] http://www.bastille-linux.org/
[2] http://www.uchsc.edu/is/security/LinuxHardeningChecklist.pdf
[3] http://www.cert.org/tech_tips/usc20_full.html


John Duksta <John_Duksta at brown.edu>
Lead IT Security Engineer
Computing and Information Services
Brown University
Office: +1.401.863.7335
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2147 bytes
Desc: not available
Url : http://lists.dshield.org/pipermail/unisog/attachments/20061012/fbba2a8d/attachment-0001.bin 

More information about the unisog mailing list