Old 9th August 2008
neurosis

Quote:
Originally Posted by anomie
Desktop or server? In either case, depending on how it's being used would determine how many hardening cycles I'd go through.

Pretty straightforward for my desktop:
  1. make sure no daemons are listening for tcp/udp connections (except maybe dhclient);
  2. search for and disable useless (to me) suid/sgid programs;
  3. enable the blackhole(4) sysctl MIBs;
  4. turn off core dumps (more because I don't want to have to look for and delete them);
  5. occasionally run the security/rkhunter app to perform some sanity checking;
  6. believe it or not, scan downloaded files with clamav;
  7. review system logs and emails;
  8. keep base system and ports updated with security fixes asap.

I actually need to run an annoying proprietary Java app that listens on all local interfaces to establish a secure connection with a system at work, so keeping in line with point #1 I run a packet filtering firewall to prevent outside connections to it. (Otherwise I probably wouldn't bother with the firewall.)

I'm sorry for asking such a dumb question, but how do you disable core dumps? I've read that ulimit -c 0 or such works, but I've only been able to find information on disabling core dumps for specific files. Is this something that you do system wide? And what would be the correct way to do this? I'm asking so I don't make a mistake.

Thanks.
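As an added example (not part of either post): on FreeBSD the system-wide switch for core dumps is the `kern.coredump` sysctl, and the blackhole(4) MIBs from item 3 are `net.inet.tcp.blackhole` and `net.inet.udp.blackhole`. The script below audits a sysctl.conf-style file for those three settings; the function names, the target values (2, 1 and 0) and the sample file contents are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the thread. Audits a sysctl.conf-style file for
# the MIBs behind items 3 and 4 of the quoted list. It reads the file only;
# it does not query the running kernel.

# Effective value of MIB $2 in file $1: last assignment wins, comments and
# surrounding whitespace are ignored, nothing is printed when unset.
conf_value() {
    awk -v mib="$2" '
        { sub(/#.*/, "") }
        {
            eq = index($0, "="); if (eq == 0) next
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == mib) found = val
        }
        END { if (found != "") print found }
    ' "$1"
}

# Report one MIB: $1=file $2=mib $3=wanted value (assumed hardening target).
check_mib() {
    have=$(conf_value "$1" "$2")
    if [ -z "$have" ]; then echo "MISSING $2 (want $3)"
    elif [ "$have" = "$3" ]; then echo "OK $2=$have"
    else echo "WEAK $2=$have (want $3)"
    fi
}

# Returns 0 only if every setting is present with the wanted value.
audit_sysctl_conf() {
    rc=0
    for pair in net.inet.tcp.blackhole=2 net.inet.udp.blackhole=1 kern.coredump=0; do
        line=$(check_mib "$1" "${pair%%=*}" "${pair#*=}")
        echo "$line"
        case $line in OK*) ;; *) rc=1 ;; esac
    done
    return "$rc"
}

# With no argument, run against a constructed sample; otherwise audit "$1".
if [ $# -eq 0 ]; then
    demo=$(mktemp)
    printf '%s\n' 'net.inet.tcp.blackhole=1' 'net.inet.tcp.blackhole = 2  # wins' 'kern.coredump=1' > "$demo"
    audit_sysctl_conf "$demo" || true
    rm -f "$demo"
else
    audit_sysctl_conf "$1"
fi
```

A file that passes only shows what will be applied at boot; on a live system the current value of each MIB can be compared with `sysctl -n`.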