Securing Ubuntu/Ubuntu Hardening Guide

**Vantrax** · December 22nd, 2008

That should be ok, using the ro is a little unusual tho.

Basically you have to understand what the folders are ment to be used for, and what you are using them for. If you install things in odd spots then use these settings some things might not work. Just remember you made them so you can change them if you find a bug.

That being said this link will give you a short idea of what the folders do: http://www.comptechdoc.org/os/linux/..._crfilest.html

If you think thats too simple read this:
http://www.tuxfiles.org/linuxhelp/linuxdir.html

Edit: This one could help too: http://kdubois.net/?p=25

If you still want more info about what does what see the big one:
http://rute.2038bug.com/node38.html.gz

**mang_ucup** · January 9th, 2009

Hey, your hardening guide exactly the same with mine. I think you just copy paste the guide from my blog. http://boilinglinux.blogspot.com/200...hardening.html

**Vantrax** · January 9th, 2009

Originally Posted by mang_ucup

Hey, your hardening guide exactly the same with mine. I think you just copy paste the guide from my blog. http://boilinglinux.blogspot.com/200...hardening.html

Some of the points are similar, and you have some good points I don't think I've included, with your permission I'd like to add them.

By and large this guide is a little larger and has a fair bit more detailed than yours. Ill make the correction on AppArmor instead of SE linux. If I'd read yours before I would have not made that mistake

Ive never configured them together and did not realize they were mutually exclusive.

**ProfDecoy** · January 9th, 2009

Out of curiosity, I noticed that in 8.10, the chkrootkit package does add a script to the daily cron list and references a config file (/etc/chkrootkit.conf) to enable the daily run.

The only significant difference between your recommended cron job and the one included is your's will mail out the logs to the specified address (provided one has set up sendmail on the system). Was there any particular reason not to add on to that one? I haven't checked an older Ubuntu system to see if that's a new addition with the 8.10 repository or not.

Both guides are a good starting point for hardening systems. Thanks!

**Vantrax** · January 10th, 2009

Originally Posted by ProfDecoy

Out of curiosity, I noticed that in 8.10, the chkrootkit package does add a script to the daily cron list and references a config file (/etc/chkrootkit.conf) to enable the daily run.

I havent tested this process in 8.10, server/stable environments tend to only use LTS versions (and desktops the latest). Thanks for that info tho, I'm glad they are making it easier to secure systems.

**mang_ucup** · January 12th, 2009

Originally Posted by Vantrax

Some of the points are similar, and you have some good points I don't think I've included, with your permission I'd like to add them.

By and large this guide is a little larger and has a fair bit more detailed than yours. Ill make the correction on AppArmor instead of SE linux. If I'd read yours before I would have not made that mistake

Ive never configured them together and did not realize they were mutually exclusive.

Yeah, i think you have copied the latest one.
http://boilinglinux.blogspot.com/200...-hardening.htm
No offense for you but next time, at least please provide the source of your article.
Thanks.

For all readers, i just want to share the result from this hardening guide. I found something weird lately when i scan my "hardened" server with Nessus security scanner (brute force scan). It caused my "hardened" server down if i scan it several times. But it won't be happen in unhardened server. It looks like the kernel hardening part caused the problem. So please be more careful before you implement this guide because intruder my tried to use this scan method to bring down your "hardened" server.

Will post you guys an update how to solve this issue after i done with my research.

**Vantrax** · January 12th, 2009

Originally Posted by mang_ucup

Yeah, i think you have copied the latest one.
http://boilinglinux.blogspot.com/200...-hardening.htm
No offense for you but next time, at least please provide the source of your article.
Thanks.

That link is broken, could you give me another link?

As I said at the start, I've pulled bit and pieces in a text file over the last year. No idea where half of it comes from. If there are significant matching bits ill put your site in a link up the top.

**mang_ucup** · January 12th, 2009

Originally Posted by Vantrax

That link is broken, could you give me another link?

As I said at the start, I've pulled bit and pieces in a text file over the last year. No idea where half of it comes from. If there are significant matching bits ill put your site in a link up the top.

http://boilinglinux.blogspot.com/200...hardening.html

Nevermind bro. I don't hesitate to share this with anyone. I just curious that how can your hardening guide just exactly the same with mine

Maybe we can start to make this guide more potent and solve one of the issue that just happen to me which i already posted it in my last reply.

Thank and be hardened