The NSA publishes guidelines for securing various operating systems - most interestingly, RHEL5.

NSA has developed and distributed configuration guidance for Red Hat Enterprise Linux 5 that is currently being used throughout the government and by numerous entities as a security baseline for their Red Hat Enterprise Linux 5 systems.

The introductory points:

  • Encrypt all data transmitted over the network. Encrypting authentication information (such as passwords) is particularly important.
  • Minimize the amount of software installed and running in order to minimize vulnerability.
  • Use security-enhancing software and tools whenever available (e.g., SELinux and Iptables).
  • Run each network service on a separate server whenever possible. This minimizes the risk that a compromise of one service could lead to a compromise of others.
  • Maintain user accounts. Create a good password policy and enforce its use. Delete unused user accounts.
  • Review system and application logs on a routine basis. Send logs to a dedicated log server. This prevents intruders from easily avoiding detection by modifying the local logs.
  • Never log in directly as root, unless absolutely necessary. Administrators should use sudo to execute commands as root when required. The accounts capable of using sudo are specified in /etc/sudoers, which is edited with the visudo utility. By default, relevant logs are written to /var/log/secure.
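As an added illustration of the last two points (not taken from the NSA guide or this post), the following Python script reviews entries in the style of /var/log/secure and separates direct root logins from sudo use and sudo refusals. The log lines, host name, user names and addresses are constructed samples, and the function name `review_secure_log` is hypothetical.

```python
import re

# Constructed sample lines in the syslog format found in /var/log/secure.
SAMPLE_LOG = """\
Jan 12 03:14:07 web01 sshd[2211]: Accepted password for root from 192.0.2.10 port 51234 ssh2
Jan 12 09:01:44 web01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/sbin/service httpd restart
Jan 12 09:05:10 web01 sudo:      bob : user NOT in sudoers ; TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/cat /etc/shadow
Jan 12 10:30:02 web01 sshd[2290]: Accepted publickey for alice from 192.0.2.11 port 40022 ssh2
Jan 12 11:47:55 web01 login: pam_unix(login:session): session opened for user root by LOGIN(uid=0)
"""

SSH_ROOT = re.compile(r"sshd\[\d+\]: Accepted (\S+) for root from (\S+)")
CONSOLE_ROOT = re.compile(r"login: pam_unix\(login:session\): session opened for user root\b")
SUDO = re.compile(
    r"sudo:\s+(\S+) : (?:(.+?) ; )?TTY=\S+ ; PWD=.*? ; USER=(\S+) ; COMMAND=(.*)$"
)


def review_secure_log(text):
    """Sort auth events into direct root logins, sudo use and sudo denials."""
    report = {"direct_root": [], "sudo_ok": [], "sudo_denied": []}
    for line in text.splitlines():
        stamp = line[:15]  # "Mon DD HH:MM:SS" syslog timestamp
        m = SSH_ROOT.search(line)
        if m:
            # Root authenticated over SSH: no record of which person it was.
            report["direct_root"].append((stamp, "ssh/" + m.group(1), m.group(2)))
            continue
        if CONSOLE_ROOT.search(line):
            report["direct_root"].append((stamp, "console", "local"))
            continue
        m = SUDO.search(line)
        if m:
            user, error, target, command = m.groups()
            entry = (stamp, user, target, command)
            # On refusal sudo logs a reason such as "user NOT in sudoers" before TTY=.
            report["sudo_denied" if error else "sudo_ok"].append(entry)
    return report


if __name__ == "__main__":
    for kind, events in review_secure_log(SAMPLE_LOG).items():
        for event in events:
            print(kind, *event, sep=" | ")
```

Run against a copy of the log held on the dedicated log server, the same review still works if the local file has been altered.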

There are security guides on the same page for OS X (Leopard, Snow Leopard), Windows (various versions) and Sun Solaris (9, 10).