View Single Post
Old 8th May 2008
TerryP's Avatar
TerryP TerryP is offline
Arp Constable
 
Join Date: May 2008
Location: USofA
Posts: 1,547
Default

My typical steps are to:

change the headers on each vtty* above the login prompt to some thing less "let's tell the whole world what we are".

change the motd to some thing more strict and create a suitable banner for sshd

ensure proper settings for users and passwords.

create groups/users and set perms as necessary for the system and ensure a sensible setup for what it's there to do.

configure sshd to be a bit more to my 'tastes' then the defaults and change it from port 22 to some thing else.


Kill unnecessary services, I usually don't use inetd either but that's just my way of doing things.


Say hello to pf and continue with system wide adjustments as necessary (e.g. what is this machine for factors).
__________________
My Journal

Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''.
Reply With Quote