Comments on: Turn Linux into Fort Knox: 10 Tools for a Safer Web Server

By: JohnS

JohnS — Wed, 10 Dec 2008 07:20:39 +0000

MarkH, how about some alternatives then, you dingleberry

By: MarkH

MarkH — Wed, 19 Nov 2008 18:57:18 +0000

Wow, rereading the whole list, this is actually a pretty poor article in terms of best practices. As others have mentioned, no mention of SELinux (or grsecurity for that matter), a focus on many lesser tools when there are better ones available, a desktop-oriented security view, no mention of actually following best practices (or links or discussion of any), and so forth.

This article might better be titled “Ten tools I found about while Googling for linux security information, the usefulness of which I am not qualified to judge”.

Sorry, but it’s weak, which is not something trivial when suggesting security tools.

By: MarkH

MarkH — Wed, 19 Nov 2008 18:53:19 +0000

Oh, and about OpenSSH…

1995 called and it wants its security tips back.

By: MarkH

MarkH — Wed, 19 Nov 2008 18:52:13 +0000

Poorly stated info here about running chkrootkit from a rescue disk. If you boot from the rescue disk you will be checking the rescue disk’s environment, not the one you actually want to check, therefore making most of the tests it runs useless.

It should be run from a CD, yes, one with known-good binaries that it uses (read the README file), but NOT while BOOTED from a rescue disk.

By: Toughen up your web server « 0ddn1x: tricks with *nix

Toughen up your web server « 0ddn1x: tricks with *nix — Fri, 10 Oct 2008 20:54:54 +0000

[...] Toughen up your web server Filed under: Linux, Security — 0ddn1x @ 2008-10-10 20:54:18 +0000 http://www.dailyartisan.com/news/linux-security-tools/ [...]

By: Joshua Brindle

Joshua Brindle — Fri, 10 Oct 2008 14:19:03 +0000

What about SELinux? It shocks me that an article centered around securing Linux wouldn’t mention any mandatory access control at all, how short sighted.

Also, spelling and grammar checkers are your friend.

By: Daily Artisan » Turn Linux into Fort Knox: 10 Tools for a Safer Web Server | blog.q8lug.org

Thu, 09 Oct 2008 21:03:47 +0000

[...] Daily Artisan » Turn Linux into Fort Knox: 10 Tools for a Safer Web Server. [...]

By: Diabolic Preacher

Diabolic Preacher — Thu, 09 Oct 2008 18:12:52 +0000

no mention about backtrack live CD? most tools needed to be run from a live CD, especially security auditing tools are available on backtrack live CD.

By: Convierte Linux en el Fuerte Knox: 10 Herramientas para hacer de el un Servidor Web Serguro | ProyectoAurora.com

Thu, 09 Oct 2008 13:48:33 +0000

[...] Enlace | Daily Artisan » Turn Linux into Fort Knox: 10 Tools for a Safer Web Server. [...]

By: Dan

Dan — Thu, 09 Oct 2008 00:41:31 +0000

Folks are being a bit hard on the author, of course there are better tools, but he was just trying to provide a hand to people who are completely unawares.

My contribution: chroot is awesome. If you chroot your lighttpd webserver, the server application and other ones you chroot it with have no access to any files on your system except the ones in the chroot environment. So they can hack your server, but not your system.