Hello!

It's my duty to set up an internet server with SuSE Linux 7.3. I want to ensure that it is as secure as possible. The first thing was of course thinking of not using SuSE Linux but instead installing a little Linux From Scratch system (www.linuxfromscratch.org) with only the few files really needed to run a webserver. But then I am not sure if ColdFusion and some other applications/programs/modules would run correctly. So the decision was SuSE Linux 7.3 for x86.

Dual PIII 1,13GHz, 1GB ECC SD-RAM, 2x 17GB SCSI ...

First I installed 7.3 minimal (but it took around 200MB space, a lot for a minimal installation I think) + ProFTP, Sendmail, MySQL, Apache, PHP, Perl, SuSE Firewall2, harden_suse.

What I did to secure the system:

1. ran harden_suse with all options enabled.
2. compiled a new kernel 2.4.18 with LIDS (lids.org) support.
3. secured all directories readonly except /dev, /var, /tmp, /proc
4. denied files like /etc/shadow, except readonly for su, login, proftp, sshd
5. secured .bash_history, /var/log/firewall, /var/log/messages as append only
6. disabled capabilities like mknod, rawio ...

And to keep track of what is going on:

1. weekly mail with all important logfiles
2. lids provides a port scan detector and sends a mail to me if something is going wrong in the system.

Is this enough to keep crackers from changing my system? I know that nothing is nearly 100% secure, but I think if no one (root included) can change system files, it should be quite secure even if someone breaks into the system and gets root privileges. I think if I always install the newest SuSE security updates, the system would be unsafe for only a few days. If someone then broke in, s/he could not do that much damage, I hope.

Best regards,
Thomas
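
Added illustration, not part of Thomas's message: steps 3 to 5 of the hardening list above written out as LIDS ACL commands. The script only prints `lidsconf` invocations for review (dry run). The binary paths, the /root/.bash_history location and the directory list are assumptions, and the `lidsconf` syntax should be checked against the LIDS release actually installed.

```shell
#!/bin/sh
# Added example (dry run): emit LIDS ACL commands for the policy in the post.
# Nothing is applied; review the output before running it on a LIDS kernel.

# From the post: these trees stay writable, so they get no READONLY rule.
WRITABLE="/dev /var /tmp /proc"
# Assumed install paths of the programs allowed to read /etc/shadow.
SHADOW_READERS="/bin/su /bin/login /usr/sbin/proftpd /usr/sbin/sshd"
# Append-only files; the location of .bash_history is an assumption.
APPEND_ONLY="/root/.bash_history /var/log/firewall /var/log/messages"

# Return 0 if $1 is one of the directories left writable.
is_writable() {
    for w in $WRITABLE; do
        [ "$1" = "$w" ] && return 0
    done
    return 1
}

# Print the ACL commands for the top-level directories given as arguments.
lids_rules() {
    # Step 3: everything read-only except the writable trees.
    for d in "$@"; do
        is_writable "$d" || echo "lidsconf -A -o $d -j READONLY"
    done
    # Step 4: hide /etc/shadow from everyone, then grant read access
    # per subject (program) that needs it for authentication.
    echo "lidsconf -A -o /etc/shadow -j DENY"
    for s in $SHADOW_READERS; do
        echo "lidsconf -A -s $s -o /etc/shadow -j READONLY"
    done
    # Step 5: logs and shell history may grow but not be rewritten.
    # These more specific rules apply even under writable /var.
    for f in $APPEND_ONLY; do
        echo "lidsconf -A -o $f -j APPEND"
    done
}

# Assumed top-level layout of the server.
lids_rules /bin /boot /etc /home /lib /opt /root /sbin /usr \
           /dev /var /tmp /proc
```

Anything a service must write outside /var and /tmp (for example ColdFusion or MySQL data kept elsewhere) would need its own per-subject WRITE rule, which this sketch does not cover.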