From LQWiki

Most Configuration tasks have security implications. At the current state of the art, it is probably too difficult for most of us to maintain a completely secure system, so the goal has to be to make the cost to a malicious hacker of penetrating our systems more than the penetration would be worth to him or her.

The following outline focuses on what has to be done and what tools are available rather than why and how to do security configuration, except for the first item, which is meant to focus on getting the user started with security configuration.

• Linux Security Basics
  • Basic Linux file system attributes
  • Users and groups
  • Security terms and definitions
  • Linux security vulnerabilities
  • Obtaining security updates
  • Community security resources

• Base System Security
  • Configuring and using su and sudo
  • Identifying and disabling extraneous services
  • chrooting common services and commands
  • Basic system logging

• Network Services
  • Telnet and SSH - Why not to use Telnet
  • SSH
    • Using SSH
    • Configuring the OpenSSH SSH daemon
    • Using SCP and SFTP to transfer files
    • Mounting remote folders using sshfs
    • Creating chroot environments with OpenSSH
    • X11 forwarding with OpenSSH
    • Tunneling with OpenSSH
  • Secure backups with rsync

• Firewall - Iptables, configuration, firewall software

• Securing email
  • Sender Verification
  • Spam Filtering
  • Spam Filtering on the desktop
  • Virus/worm Filtering
  • Using GPG to cryptographically sign email
  • Using MailScanner/Postfix/SpamAssassin/ClamAV in Gentoo Linux
  • Postfix with clamav-milter

• Securing servers and services
  • Securing Apache
  • Securing SAMBA
  • Securing Sendmail
  • Securing ssh

• Hardening against users with physical access
  • Physical security
  • Securing the BIOS
  • Securing LILO
  • Securing GRUB
  • Configuring a basic kiosk mode

• System monitoring
  • Detecting portscans

• Security auditing
  • Security auditing tools

• Wireless network security
  • WEP
  • Shortcomings of WEP
  • Secure alternatives to WEP

• Local Policies - Legal Stuff
  • TOS and AUP
  • MOTD

• Gathering Information

External links

• Linuxsecurity.com (www.linuxsecurity.com)
• Linux Security HOWTO (www.tldp.org)
• LinuxGuruz security resource page (www.linuxguruz.com)
• Debian Linux Security Configuration (www.debianhelp.co.uk)
• List of Linux security tools (January 3rd, 2007) (www.foogazi.com)