[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Fedora Security Guide for 11 release




On Mar 11, 2009, at 7:05 PM, Scott Radvan wrote:

Hi all,


I have built HTML and PDF versions of the very-nearly-finished Security
Guide, which has its focus on Fedora and is on its way to being
available in the upcoming 11 release.

I thought there may be some members of this list who would like to take
a look at it.

Any reviewers/comments at all are of course more than welcome.

http://sradvan.fedorapeople.org/Security_Guide/en-US/

Wouldn't the mention of fail2ban be appropriate? My servers with public IP addresses get hundreds of failed login attempts per day unless I use iptables to block repeat offenders.

Isn't 'PermitRootLogin no' the default for sshd?

I think a short "don't disable SELinux when things go awry" section with pointers to policy booleans and setroubleshoot would be appropriate. Dan Walsh's blog is a good SELinux resource without a document reference.

http://iase.disa.mil/stigs/SRR/unix.html deserves a mention.

Good stuff,
joe


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]