Mailinglist Archive: opensuse-security (192 mails)

< Previous Next >
Re: [suse-security] harden_suse documentation
  • From: rhoerbe@xxxxxxxxxxxxxxxx
  • Date: Mon, 22 May 2000 11:47:39 +0200
  • Message-id: <OF700986EF.E23BCFEB-ONC12568E7.00355C57@xxxxxxxxxxxxx>
I learned to take care of two things with harden_suse:
1. run it before you start the usual configuration stuff, as it would
overwrite many options
2. take care of the reduced password-expiration time in /etc/login-defs.
When you set a system in production, you have to learn after a month, that
no user can login anymore - this does not make sense for ftp or mail only
users. Even for administrative accounts, if you visit the system
infrequently.

//Rainer




Ragnar Beer <rbeer@xxxxxxxxxxxxxxxxx>
Sent by: suse-security-return-1788-rhoerbe=netpromote.co.at@xxxxxxxx
22.05.00 11:38


To: suse-security@xxxxxxxx
cc: marc@xxxxxxx
Subject: [suse-security] harden_suse documentation

During the weekend I had some time to look at the harden_suse script.
What it does looks very reasonable to me but I wish there was some
more documentation or references respectively. Here is my wishlist:

- Although I can guess what the users xok and trusted ar needed for
it would be great to get _some_ more information about it.

- It would be great to get a little background information about
what's going on in the 10 steps to hardening. I'm not talking about
writing a book or something but it would be great to have a
book-reference or a link where to go and look for each of the 10
steps.

The first thing I did (of course;) was to look at the manual but it
could have been more helpful.

--Ragnar

---------------------------------------------------------------------
To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
For additional commands, e-mail: suse-security-help@xxxxxxxx






< Previous Next >