Hi
I would like to discuss possibilities to improve default SUSE Linux security.
What can be done to effectively improve it ?
It really depends on how paranoid you are. You can start with a bios password, then a bootloader, configuring a firewall on your marchine, set nosuid, noexec, and nodev mount option in /etc/fstab on ext3 partition such as /tmp, ... Talking about servers, sitting in server farm with controlled physical access, some common /easy steps could be: - minimum software installation (no desktop if not required) - deactivation of all unnecessary network daemons, having the machine only listening on port 22/ ssh, and at the end of the installation, performing the security updates. - running a security scanner to verify that you have no hole at the end of your installation - add a non root user and disable ssh login as root. Actually also disabling password authentication, use only certificates, disable version 1 of ssh - watch your important files with tripwire - review all set-user-id and set-grup-id programs, actually you could run bastille - ... Then you would have the hardening of the services you run on top of your servers (for instance for mysql it would mean disabling remote access if you can, disabling LOAD DATA LOCAL INFILE, change the admin password, change the admin name, disabling anonymous access and removal of the sample databases) I hope it helps, just take into account that some hardening measures can be standardized, other measures depend on the services the server will offer Regards, Gaël