View Single Post
  #9   (View Single Post)  
Old 7th May 2008
keithlybsd keithlybsd is offline
Port Guard
 
Join Date: May 2008
Posts: 10
Default

Lots of good suggestions here,

I am sure this is a lame one but host based firewall is a must. Stateful inspection and make sure to apply out bound rules.

I prefer to only use ssh keys for login and not allow user/pass.

And you can dll the free version of cis bench mark and run that against a system. That little app shows you tons of ways to tighten down a box.

I do these things combined most of the above suggestions.
Reply With Quote