What are we gonna do today, Brain? -- Suggestion

Ronald K. Wechter sysad3_buff at cnrc.navy.mil
Fri May 18 13:32:58 EDT 2001 

All:

I would be very interested on Linux security practices.  Working for the
government security is one of our main concerns.  At this point a Linux
server cannot be used unless a formal security plan has been typed up and a
flow chart made.  This makes it kind of hard to document a security plan for
an OS that has no "true" standards unless standards are made by the SysAd.
Finding out what practices for security are used in the "Industry" for linux
would really help.

Things I would like to know:
* Linux Security Measurements -- Network
*  "                       "  -- Users
*  "                       "  -- System/Configuration
*  "                       "  -- Public Services (FTP, HTTP, Secure Shell,
Chroot environments [how-to])
* Virus Scanning and/or Virus secuirty practices
* Server Fail-Over practices (If the main server is attacked and brought
down what type of configuration should the fail-over server have to ensure
that the same attack will not affect it as did the primary server).

All of the above topics are required to be in full documentation before any
system here is brought online.  Once these procedures are approved then the
server can go into "production".  At some point I also would like to learn
how to secure the network using Linux's routing features (now incorporated
into the kernel for 2.4?) and best security practices for DNS/Bind ( This
could be a whole meeting in itself).

Thank You for Your Time!

Ronald K. Wechter
Network Systems Administrator
NRD Buffalo Webmaster
Navy Recruiting Department Buffalo
(716) 551-4901



-----Original Message-----
From: owner-nflug at nflug.org [mailto:owner-nflug at nflug.org]On Behalf Of
Robert Meyer
Sent: Friday, May 18, 2001 10:59 AM
To: nflug at nflug.org
Subject: What are we gonna do today, Brain?


Well, we have a meeting scheduled for this Sunday at 1:00 but we don't have
a
list of things that we want to do...other than get copies of Mandrake to a
buncha folks :-)

We had mentioned that we wanted to do a session on security.  I know that we
have some folks in the group who are involved with security and have
opinions
on what can be done for intrusion prevention and detection.  Do we have any
takers on this.  It would be good if more than one person responds so that
we
can get some varied opinions on the subject.

Other than that, anyone have an suggestions about what they'd like to do?

Cheers!

Bob

=====
Bob Meyer
Knightwing Communications, Inc.
36 Cayuga Blvd
Depew, NY 14043
Phone: 716-308-8931 or 716-681-0076
Meyer_RM at Yahoo.com

__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices
http://auctions.yahoo.com/

More information about the nflug mailing list