securing shell server

Support for security such as Firewalls and securing linux
Post Reply
vima
Posts: 3
Joined: 2005/06/22 21:39:06

securing shell server

Post by vima » 2005/07/10 17:30:46

Hi everyone

I'm thinking of giving shell access to one virtual server for my irl/irc friends. Users would be using mainly IRC and mail. I'm asking about your thoughts about security; what should i do to make the server safe for users.

I want to be able to notice when someone tries to write to forbidden directories like /bin /sbin etc, and when someone tries to read files in /etc or someone else's home dir. Also I want to see if someones trying to run exploits, or somehow root my server.

I thought of installing LIDS, bastille and some auditing software for monitoring /etc /sbin and other directories. Maybe tripwire too? What else should i do (of course keep software up to date)?

cormander
Posts: 100
Joined: 2005/05/16 21:27:57
Location: Utah
Contact:

securing shell server

Post by cormander » 2005/07/17 05:32:28

[quote]
what should i do to make the server safe for users.
[/quote]

Easy. Don't give anyone system shell access :)

But I realize that isn't the answer you're looking for.

I would suggest you setup a chroot jail for ssh users. You can read about a pretty good implementation of it here:

http://chrootssh.sourceforge.net/index.php

Hope this helps.

Post Reply

Return to “CentOS 4 - Security Support”