SlideShare a Scribd company logo

Debian 5 Hardening Tips

S
s3m1llon

Hardening tips for Debian Linux deployment

Technology
1 of 2
Download to read offline
# apt-get install openssh-client openssh-server # ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub 2048 44:c3:7c:1e:0c:f6:24:82:2f:b7:f8:83:93:1f:08:13 /etc/ssh/ssh_host_rsa_key.pub # What to do when CTRL-ALT-DEL is pressed. #ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now ca:12345:ctrlaltdel:/usr/bin/logger -s -p auth.notice -t Protocol 2 [INIT] Port 222 quot;CTRL+ALT+DEL caught but ignored! This is not a SilentDeny yes Windows(r) machine.quot; PasswordAuthentication no PermitRootLogin no RSAAuthentication yes AllowedAuthentications publickey RequiredAuthentications publickey MaxStartups 2 LoginGraceTime 30 IdleTimeout 15m Ciphers anycipher Ciphers anystdcipher ForwardAgent no Forward X11 no /sbin/iptables -L /etc/hosts.allow /etc/hosts.deny. This manual is free software; you may redistribute it and/or modify it under the terms of the GNU General Public License (http://www.debian.org/releases/stable/amd64/apf.html.en)
password --md5 passwordhash # /etc/init.d/openbsd-inetd stop Securing Debian Manual ,” http://www.debian.org/doc/manuals/securing-debian- howto/. # update-rc.d -f openbsd-inetd remove # vi /etc/issue *********************Warning********************* Authorized uses only. All activity may be monitored and reported. ************************************************* serveur:~# apt-get update [...] serveur:~# apt-get dist-upgrade # /etc/fstab: static file system information. [...] /dev/ida/c1d1p3 /home ext3 defaults,nosuid 0 2 /dev/ida/c1d1p1 /srv ext3 defaults 0 2 /dev/ida/c1d1p2 /tmp ext3 defaults,nosuid 0 2 /sbin/grub-md5-crypt. [...] apt-get remove --purge acpid dhcp3-common dhcp3-client klogd

Recommended

Web Server Free Bsd
Web Server Free BsdWeb Server Free Bsd
Web Server Free BsdKwanchai Charoennet
 
Zookeper
ZookeperZookeper
ZookeperAlexeyStepanov21
 
R-House (LSRC)
R-House (LSRC)R-House (LSRC)
R-House (LSRC)Fernand Galiana
 
Environments line-up! Vagrant & Puppet 101
Environments line-up! Vagrant & Puppet 101Environments line-up! Vagrant & Puppet 101
Environments line-up! Vagrant & Puppet 101jelrikvh
 
4412 SDRAM
4412 SDRAM4412 SDRAM
4412 SDRAMphilippe_nuaa
 
The true story_of_hello_world
The true story_of_hello_worldThe true story_of_hello_world
The true story_of_hello_worldfantasy zheng
 
Solaris
SolarisSolaris
SolarisGanesh Kumar Veerla
 
EC2
EC2EC2
EC2Igor Kapkov
 

Recommended

Web Server Free Bsd
Web Server Free BsdWeb Server Free Bsd
Web Server Free BsdKwanchai Charoennet
 
Zookeper
ZookeperZookeper
ZookeperAlexeyStepanov21
 
R-House (LSRC)
R-House (LSRC)R-House (LSRC)
R-House (LSRC)Fernand Galiana
 
Environments line-up! Vagrant & Puppet 101
Environments line-up! Vagrant & Puppet 101Environments line-up! Vagrant & Puppet 101
Environments line-up! Vagrant & Puppet 101jelrikvh
 
4412 SDRAM
4412 SDRAM4412 SDRAM
4412 SDRAMphilippe_nuaa
 
The true story_of_hello_world
The true story_of_hello_worldThe true story_of_hello_world
The true story_of_hello_worldfantasy zheng
 
Solaris
SolarisSolaris
SolarisGanesh Kumar Veerla
 
EC2
EC2EC2
EC2Igor Kapkov
 
Intro django
Intro djangoIntro django
Intro djangoAlexander Lyabah
 
Network
NetworkNetwork
Networkpuneethpun7
 
Creating "Secure" PHP applications, Part 2, Server Hardening
Creating "Secure" PHP applications, Part 2, Server HardeningCreating "Secure" PHP applications, Part 2, Server Hardening
Creating "Secure" PHP applications, Part 2, Server Hardeningarchwisp
 
Vi
ViVi
Viluanpho91
 
How to recognise that the user has just uninstalled your android app droidc...
How to recognise that the user has just uninstalled your android app droidc...How to recognise that the user has just uninstalled your android app droidc...
How to recognise that the user has just uninstalled your android app droidc...Przemek Jakubczyk
 
How to recognise that the user has just uninstalled your android app
How to recognise that the user has just uninstalled your android appHow to recognise that the user has just uninstalled your android app
How to recognise that the user has just uninstalled your android appPrzemek Jakubczyk
 
Setting up a HADOOP 2.2 cluster on CentOS 6
Setting up a HADOOP 2.2 cluster on CentOS 6Setting up a HADOOP 2.2 cluster on CentOS 6
Setting up a HADOOP 2.2 cluster on CentOS 6Manish Chopra
 
Iphone ifuse
Iphone ifuseIphone ifuse
Iphone ifuseguest8a79502
 
Home security with Raspberry Pi
Home security with Raspberry PiHome security with Raspberry Pi
Home security with Raspberry PiBogusz Jelinski
 
Choosing Linux Distro - Personal Desktop
Choosing Linux Distro - Personal DesktopChoosing Linux Distro - Personal Desktop
Choosing Linux Distro - Personal DesktopDani Iswara
 
What we-don't-know
What we-don't-knowWhat we-don't-know
What we-don't-knowMarian Marinov
 
Topologia lab
Topologia labTopologia lab
Topologia labCassio Ramos
 
Puppet Module Reusability - What I Learned from Shipping to the Forge
Puppet Module Reusability - What I Learned from Shipping to the ForgePuppet Module Reusability - What I Learned from Shipping to the Forge
Puppet Module Reusability - What I Learned from Shipping to the ForgePuppet
 
Authen Free Bsd6 2
Authen Free Bsd6 2Authen Free Bsd6 2
Authen Free Bsd6 2Kwanchai Charoennet
 
How to Install Ghost (CMS) MEMO
How to Install Ghost (CMS) MEMOHow to Install Ghost (CMS) MEMO
How to Install Ghost (CMS) MEMONaoto MATSUMOTO
 
How to Develop Puppet Modules: From Source to the Forge With Zero Clicks
How to Develop Puppet Modules: From Source to the Forge With Zero ClicksHow to Develop Puppet Modules: From Source to the Forge With Zero Clicks
How to Develop Puppet Modules: From Source to the Forge With Zero ClicksCarlos Sanchez
 
Proxy arp
Proxy arpProxy arp
Proxy arpMarian Marinov
 
PFIセミナー資料 H27.10.22
PFIセミナー資料 H27.10.22PFIセミナー資料 H27.10.22
PFIセミナー資料 H27.10.22Yuya Takei
 
Hadoop installation
Hadoop installationHadoop installation
Hadoop installationLeon Gladston
 
AMS Node Meetup December presentation Phusion Passenger
AMS Node Meetup December presentation Phusion PassengerAMS Node Meetup December presentation Phusion Passenger
AMS Node Meetup December presentation Phusion Passengericemobile
 
Linux Hardening - nullhyd
Linux Hardening - nullhydLinux Hardening - nullhyd
Linux Hardening - nullhydn|u - The Open Security Community
 
Virtualization and automation of library software/machines + Puppet
Virtualization and automation of library software/machines + PuppetVirtualization and automation of library software/machines + Puppet
Virtualization and automation of library software/machines + PuppetOmar Reygaert
 

More Related Content

What's hot

Creating "Secure" PHP applications, Part 2, Server Hardening
Creating "Secure" PHP applications, Part 2, Server HardeningCreating "Secure" PHP applications, Part 2, Server Hardening
Creating "Secure" PHP applications, Part 2, Server Hardeningarchwisp
 
How to recognise that the user has just uninstalled your android app droidc...
How to recognise that the user has just uninstalled your android app droidc...How to recognise that the user has just uninstalled your android app droidc...
How to recognise that the user has just uninstalled your android app droidc...Przemek Jakubczyk
 
How to recognise that the user has just uninstalled your android app
How to recognise that the user has just uninstalled your android appHow to recognise that the user has just uninstalled your android app
How to recognise that the user has just uninstalled your android appPrzemek Jakubczyk
 
Setting up a HADOOP 2.2 cluster on CentOS 6
Setting up a HADOOP 2.2 cluster on CentOS 6Setting up a HADOOP 2.2 cluster on CentOS 6
Setting up a HADOOP 2.2 cluster on CentOS 6Manish Chopra
 
Home security with Raspberry Pi
Home security with Raspberry PiHome security with Raspberry Pi
Home security with Raspberry PiBogusz Jelinski
 
Choosing Linux Distro - Personal Desktop
Choosing Linux Distro - Personal DesktopChoosing Linux Distro - Personal Desktop
Choosing Linux Distro - Personal DesktopDani Iswara
 
Puppet Module Reusability - What I Learned from Shipping to the Forge
Puppet Module Reusability - What I Learned from Shipping to the ForgePuppet Module Reusability - What I Learned from Shipping to the Forge
Puppet Module Reusability - What I Learned from Shipping to the ForgePuppet
 
How to Install Ghost (CMS) MEMO
How to Install Ghost (CMS) MEMOHow to Install Ghost (CMS) MEMO
How to Install Ghost (CMS) MEMONaoto MATSUMOTO
 
How to Develop Puppet Modules: From Source to the Forge With Zero Clicks
How to Develop Puppet Modules: From Source to the Forge With Zero ClicksHow to Develop Puppet Modules: From Source to the Forge With Zero Clicks
How to Develop Puppet Modules: From Source to the Forge With Zero ClicksCarlos Sanchez
 
PFIセミナー資料 H27.10.22
PFIセミナー資料 H27.10.22PFIセミナー資料 H27.10.22
PFIセミナー資料 H27.10.22Yuya Takei
 
AMS Node Meetup December presentation Phusion Passenger
AMS Node Meetup December presentation Phusion PassengerAMS Node Meetup December presentation Phusion Passenger
AMS Node Meetup December presentation Phusion Passengericemobile
 

What's hot (20)

Intro django
Intro djangoIntro django
Intro django
 
Network
NetworkNetwork
Network
 
Creating "Secure" PHP applications, Part 2, Server Hardening
Creating "Secure" PHP applications, Part 2, Server HardeningCreating "Secure" PHP applications, Part 2, Server Hardening
Creating "Secure" PHP applications, Part 2, Server Hardening
 
Vi
ViVi
Vi
 
How to recognise that the user has just uninstalled your android app droidc...
How to recognise that the user has just uninstalled your android app droidc...How to recognise that the user has just uninstalled your android app droidc...
How to recognise that the user has just uninstalled your android app droidc...
 
How to recognise that the user has just uninstalled your android app
How to recognise that the user has just uninstalled your android appHow to recognise that the user has just uninstalled your android app
How to recognise that the user has just uninstalled your android app
 
Setting up a HADOOP 2.2 cluster on CentOS 6
Setting up a HADOOP 2.2 cluster on CentOS 6Setting up a HADOOP 2.2 cluster on CentOS 6
Setting up a HADOOP 2.2 cluster on CentOS 6
 
Iphone ifuse
Iphone ifuseIphone ifuse
Iphone ifuse
 
Home security with Raspberry Pi
Home security with Raspberry PiHome security with Raspberry Pi
Home security with Raspberry Pi
 
Choosing Linux Distro - Personal Desktop
Choosing Linux Distro - Personal DesktopChoosing Linux Distro - Personal Desktop
Choosing Linux Distro - Personal Desktop
 
What we-don't-know
What we-don't-knowWhat we-don't-know
What we-don't-know
 
Topologia lab
Topologia labTopologia lab
Topologia lab
 
Puppet Module Reusability - What I Learned from Shipping to the Forge
Puppet Module Reusability - What I Learned from Shipping to the ForgePuppet Module Reusability - What I Learned from Shipping to the Forge
Puppet Module Reusability - What I Learned from Shipping to the Forge
 
Authen Free Bsd6 2
Authen Free Bsd6 2Authen Free Bsd6 2
Authen Free Bsd6 2
 
How to Install Ghost (CMS) MEMO
How to Install Ghost (CMS) MEMOHow to Install Ghost (CMS) MEMO
How to Install Ghost (CMS) MEMO
 
How to Develop Puppet Modules: From Source to the Forge With Zero Clicks
How to Develop Puppet Modules: From Source to the Forge With Zero ClicksHow to Develop Puppet Modules: From Source to the Forge With Zero Clicks
How to Develop Puppet Modules: From Source to the Forge With Zero Clicks
 
Proxy arp
Proxy arpProxy arp
Proxy arp
 
PFIセミナー資料 H27.10.22
PFIセミナー資料 H27.10.22PFIセミナー資料 H27.10.22
PFIセミナー資料 H27.10.22
 
Hadoop installation
Hadoop installationHadoop installation
Hadoop installation
 
AMS Node Meetup December presentation Phusion Passenger
AMS Node Meetup December presentation Phusion PassengerAMS Node Meetup December presentation Phusion Passenger
AMS Node Meetup December presentation Phusion Passenger
 

Similar to Debian 5 Hardening Tips

Virtualization and automation of library software/machines + Puppet
Virtualization and automation of library software/machines + PuppetVirtualization and automation of library software/machines + Puppet
Virtualization and automation of library software/machines + PuppetOmar Reygaert
 
A journey through the years of UNIX and Linux service management
A journey through the years of UNIX and Linux service managementA journey through the years of UNIX and Linux service management
A journey through the years of UNIX and Linux service managementLubomir Rintel
 
High Availability With DRBD & Heartbeat
High Availability With DRBD & HeartbeatHigh Availability With DRBD & Heartbeat
High Availability With DRBD & HeartbeatChris Barber
 
Hands on Virtualization with Ganeti
Hands on Virtualization with GanetiHands on Virtualization with Ganeti
Hands on Virtualization with GanetiOSCON Byrum
 
Linux advanced privilege escalation
Linux advanced privilege escalationLinux advanced privilege escalation
Linux advanced privilege escalationJameel Nabbo
 
Death matchtournament del2014
Death matchtournament del2014Death matchtournament del2014
Death matchtournament del2014Nabil Munawar
 
Linux security quick reference guide
Linux security quick reference guideLinux security quick reference guide
Linux security quick reference guideCraig Cannon
 
Linux Common Command
Linux Common CommandLinux Common Command
Linux Common CommandJeff Yang
 
Supporting Debian machines for friends and family
Supporting Debian machines for friends and familySupporting Debian machines for friends and family
Supporting Debian machines for friends and familyFrancois Marier
 
Install and configure linux
Install and configure linuxInstall and configure linux
Install and configure linuxVicent Selfa
 
ByPat博客出品Lvs+keepalived
ByPat博客出品Lvs+keepalivedByPat博客出品Lvs+keepalived
ByPat博客出品Lvs+keepalivedredhat9
 
OpenStack Swift - MSST 2011 Tutorial Day
OpenStack Swift - MSST 2011 Tutorial DayOpenStack Swift - MSST 2011 Tutorial Day
OpenStack Swift - MSST 2011 Tutorial DayJoshua McKenty
 
Trying and evaluating the new features of GlusterFS 3.5
Trying and evaluating the new features of GlusterFS 3.5Trying and evaluating the new features of GlusterFS 3.5
Trying and evaluating the new features of GlusterFS 3.5Keisuke Takahashi
 
PGConf.ASIA 2019 - High Availability, 10 Seconds Failover - Lucky Haryadi
PGConf.ASIA 2019 - High Availability, 10 Seconds Failover - Lucky HaryadiPGConf.ASIA 2019 - High Availability, 10 Seconds Failover - Lucky Haryadi
PGConf.ASIA 2019 - High Availability, 10 Seconds Failover - Lucky HaryadiEqunix Business Solutions
 

Similar to Debian 5 Hardening Tips (20)

Linux Hardening - nullhyd
Linux Hardening - nullhydLinux Hardening - nullhyd
Linux Hardening - nullhyd
 
Virtualization and automation of library software/machines + Puppet
Virtualization and automation of library software/machines + PuppetVirtualization and automation of library software/machines + Puppet
Virtualization and automation of library software/machines + Puppet
 
A journey through the years of UNIX and Linux service management
A journey through the years of UNIX and Linux service managementA journey through the years of UNIX and Linux service management
A journey through the years of UNIX and Linux service management
 
Dev ops
Dev opsDev ops
Dev ops
 
High Availability With DRBD & Heartbeat
High Availability With DRBD & HeartbeatHigh Availability With DRBD & Heartbeat
High Availability With DRBD & Heartbeat
 
Essential security for linux servers
Essential security for linux serversEssential security for linux servers
Essential security for linux servers
 
Hands on Virtualization with Ganeti
Hands on Virtualization with GanetiHands on Virtualization with Ganeti
Hands on Virtualization with Ganeti
 
Linux class 9 15 oct 2021-5
Linux class 9 15 oct 2021-5Linux class 9 15 oct 2021-5
Linux class 9 15 oct 2021-5
 
Linux advanced privilege escalation
Linux advanced privilege escalationLinux advanced privilege escalation
Linux advanced privilege escalation
 
Death matchtournament del2014
Death matchtournament del2014Death matchtournament del2014
Death matchtournament del2014
 
Linux security quick reference guide
Linux security quick reference guideLinux security quick reference guide
Linux security quick reference guide
 
Linux Common Command
Linux Common CommandLinux Common Command
Linux Common Command
 
Supporting Debian machines for friends and family
Supporting Debian machines for friends and familySupporting Debian machines for friends and family
Supporting Debian machines for friends and family
 
Alta disponibilidad en GNU/Linux
Alta disponibilidad en GNU/LinuxAlta disponibilidad en GNU/Linux
Alta disponibilidad en GNU/Linux
 
Install and configure linux
Install and configure linuxInstall and configure linux
Install and configure linux
 
Docker practice
Docker practiceDocker practice
Docker practice
 
ByPat博客出品Lvs+keepalived
ByPat博客出品Lvs+keepalivedByPat博客出品Lvs+keepalived
ByPat博客出品Lvs+keepalived
 
OpenStack Swift - MSST 2011 Tutorial Day
OpenStack Swift - MSST 2011 Tutorial DayOpenStack Swift - MSST 2011 Tutorial Day
OpenStack Swift - MSST 2011 Tutorial Day
 
Trying and evaluating the new features of GlusterFS 3.5
Trying and evaluating the new features of GlusterFS 3.5Trying and evaluating the new features of GlusterFS 3.5
Trying and evaluating the new features of GlusterFS 3.5
 
PGConf.ASIA 2019 - High Availability, 10 Seconds Failover - Lucky Haryadi
PGConf.ASIA 2019 - High Availability, 10 Seconds Failover - Lucky HaryadiPGConf.ASIA 2019 - High Availability, 10 Seconds Failover - Lucky Haryadi
PGConf.ASIA 2019 - High Availability, 10 Seconds Failover - Lucky Haryadi
 

Recently uploaded

Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKJago de Vreede
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024The Digital Insurer
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 

Recently uploaded (20)

Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 

Debian 5 Hardening Tips

  • 1. # apt-get install openssh-client openssh-server # ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub 2048 44:c3:7c:1e:0c:f6:24:82:2f:b7:f8:83:93:1f:08:13 /etc/ssh/ssh_host_rsa_key.pub # What to do when CTRL-ALT-DEL is pressed. #ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now ca:12345:ctrlaltdel:/usr/bin/logger -s -p auth.notice -t Protocol 2 [INIT] Port 222 quot;CTRL+ALT+DEL caught but ignored! This is not a SilentDeny yes Windows(r) machine.quot; PasswordAuthentication no PermitRootLogin no RSAAuthentication yes AllowedAuthentications publickey RequiredAuthentications publickey MaxStartups 2 LoginGraceTime 30 IdleTimeout 15m Ciphers anycipher Ciphers anystdcipher ForwardAgent no Forward X11 no /sbin/iptables -L /etc/hosts.allow /etc/hosts.deny. This manual is free software; you may redistribute it and/or modify it under the terms of the GNU General Public License (http://www.debian.org/releases/stable/amd64/apf.html.en)
  • 2. password --md5 passwordhash # /etc/init.d/openbsd-inetd stop Securing Debian Manual ,” http://www.debian.org/doc/manuals/securing-debian- howto/. # update-rc.d -f openbsd-inetd remove # vi /etc/issue *********************Warning********************* Authorized uses only. All activity may be monitored and reported. ************************************************* serveur:~# apt-get update [...] serveur:~# apt-get dist-upgrade # /etc/fstab: static file system information. [...] /dev/ida/c1d1p3 /home ext3 defaults,nosuid 0 2 /dev/ida/c1d1p1 /srv ext3 defaults 0 2 /dev/ida/c1d1p2 /tmp ext3 defaults,nosuid 0 2 /sbin/grub-md5-crypt. [...] apt-get remove --purge acpid dhcp3-common dhcp3-client klogd