Recently, I’ve been busy trying to build a Gentoo web server. I’m going to be more proactive about fighting zombies this time.
Here’s a post about my security questions
Perhaps the most interesting thing about the response is hearing about glsa-check, a way of determining which ebuilds are absolutely necessary from a security point of view.
Here’s an extremely long-winded post about how to prevent your Linux box from being hacked. As a programmer/writer, I really can’t spend all day hackproofing my box (and that, alas, is a good argument for hosting through a third party). On the other hand, there are a lot of good tricks listed here that I could implement fairly easily. My big concern is not really loss of data but zombification. Perhaps the easiest thing to do is to block any pings from China or India (!).
There are a lot of good suggestions of the obvious kind (which never occurred to me), such as putting sshd on a nonstandard port, or allowing ssh logins only through private keys which you carry with you on your USB keychain (or TCP wrappers to restrict ssh access to only certain IP addresses). I’m going to go back to Brian Hatch’s Hacking Linux Exposed for more ideas. Frankly, though, I think system security and programming often have conflicting goals. At some point, the content creator has to stop worrying about sysadmin stuff and just focus on producing stuff (and delegate the responsibility to a third party). Security people are paid to be paranoid and conservative at the same time, but the content creator has to test new things, which are by nature risky.
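An added example, not from the original post, that checks a server against the three sshd suggestions just listed: it reads an sshd_config and a hosts.allow file and reports whether the port is still 22, whether password logins are still allowed, and whether a TCP wrappers rule actually restricts sshd by address. The sample config files it writes are constructed for the demonstration; point it at copies of the real files to audit your own box.

```shell
#!/bin/sh
# Added example, not from the original post: audit an sshd_config and a
# hosts.allow file against the three suggestions above (non-default port,
# key-only logins, TCP wrappers limiting sshd to known addresses).
# Assumes POSIX sh, awk and grep; the sample files below are constructed.

# Print the effective value of KEY in FILE. sshd honours the first
# uncommented occurrence of a keyword and ignores later ones.
# (Match blocks are not handled; this reads the global section only.)
sshd_effective_value() {
    awk -v key="$2" '
        /^[[:space:]]*#/ || /^[[:space:]]*$/ { next }
        tolower($1) == tolower(key) { print $2; exit }
    ' "$1"
}

# sshd_audit SSHD_CONFIG HOSTS_ALLOW: print one line per weak setting and
# return the number of findings (0 means all three suggestions are in place).
sshd_audit() {
    findings=0
    port=$(sshd_effective_value "$1" Port); [ -n "$port" ] || port=22
    if [ "$port" = 22 ]; then
        echo "sshd still listens on the default port 22"; findings=$((findings + 1))
    fi
    pw=$(sshd_effective_value "$1" PasswordAuthentication); [ -n "$pw" ] || pw=yes
    if [ "$pw" != no ]; then
        echo "password logins allowed (PasswordAuthentication $pw)"; findings=$((findings + 1))
    fi
    pk=$(sshd_effective_value "$1" PubkeyAuthentication); [ -n "$pk" ] || pk=yes
    if [ "$pk" != yes ]; then
        echo "public-key logins disabled (PubkeyAuthentication $pk)"; findings=$((findings + 1))
    fi
    # TCP wrappers: require an sshd rule in hosts.allow that is not wide open.
    if ! grep -Eiq '^[[:space:]]*sshd[[:space:]]*:' "$2" 2>/dev/null; then
        echo "no hosts.allow rule restricts sshd by address"; findings=$((findings + 1))
    elif grep -Eiq '^[[:space:]]*sshd[[:space:]]*:[[:space:]]*ALL([[:space:]]|$)' "$2"; then
        echo "hosts.allow lets sshd accept connections from ALL"; findings=$((findings + 1))
    fi
    return $findings
}

# Constructed sample files: a default-like setup and a hardened one.
DEMO_DIR=$(mktemp -d)
printf '#Port 22\n#PasswordAuthentication yes\n' > "$DEMO_DIR/weak.conf"
printf 'sshd: ALL\n' > "$DEMO_DIR/weak.allow"
printf 'Port 2222\nPubkeyAuthentication yes\nPasswordAuthentication no\nPasswordAuthentication yes\n' > "$DEMO_DIR/hard.conf"
printf 'sshd: 192.0.2.10, 198.51.100.0/255.255.255.0\n' > "$DEMO_DIR/hard.allow"

echo "== weak =="; rc=0; sshd_audit "$DEMO_DIR/weak.conf" "$DEMO_DIR/weak.allow" || rc=$?; echo "findings: $rc"
echo "== hardened =="; rc=0; sshd_audit "$DEMO_DIR/hard.conf" "$DEMO_DIR/hard.allow" || rc=$?; echo "findings: $rc"
```

The hardened sample deliberately repeats PasswordAuthentication with a later "yes" to show that sshd keeps the first value it sees, so a stray duplicate at the end of the file does not quietly undo the setting.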
I’ve had some long stretches of time offline (if you check my weblog archives you can see when they were). I’ve learned the hard way that the only way to prevent long bouts of downtime is to have a mirrored server on another machine (with data rsynced back and forth) that I can switch to in the event of failure or major maintenance. When you have a day job, responding to a server problem often takes a long time. Although Gentoo has fixed the Linux updating problem, it’s constantly updating ebuilds, so much that it becomes a pain in the neck.
Basically, the solution to my problem is: 1) mirroring on another server, 2) more aggressive security updates, 3) better backup automation, and 4) far better logging than I’ve been doing.
Quite frankly, I’m now acting under the assumption that my current web server is unsafe, and it’s not even worth the trouble to fix except by a totally new install.
Later: Flavio’s 10 Tips for Hardening a Linux Server.