A Quick Way to Secure a Linux System

Source: Help Net Security

The first step in securing your system is to determine what the function of that system is going to be. For example, if the system is going to be dedicated to being an ftp server,then there is little reason to having samba or sendmail installed because the more services that are running, the more vulnerable the system is going to be. This cannot be stressed enough. You do not want services running that you won't be using.

So we begin with a fresh install of the system with the Linux distribution of your choice, and in that installation process we'll choose the security settings for "High" or whatever the equivalent is if the option is available. This should enable package filtering, regulating what is and isn't allowed to connect to your system.

Now whether the Linux system that you are working to secure is a home based ultimate desktop workstation or a firewall that is intended to protect an internal LAN from the outside world, one of the the most important concerns is making sure the system is brought up to date and kept up to date with the current errata, preferably an a freshly installed system so that it can be guaranteed that the system wasn't previously compromised. The errata is basically a list of items containing significant information discovered after the release of the current version of the operation system. This information includes security advisories as well as as other software that could effect the smooth operations or security of the system in question.The errata can be downloaded from the website that maintains the distribution.