[GTALUG] Linux hardening question
Lennart Sorensen
lsorense at csclub.uwaterloo.ca
Thu Jun 29 17:13:00 EDT 2017
On Thu, Jun 29, 2017 at 07:31:10PM +0000, Ansar Mohammed wrote:
> IMHO if you are looking for a hardened system you should not start with
> Ubuntu.
> Ubuntu is what l like to call 'kitchen sink Linux'
Yeah I wouldn't start with that either.
> Start with a minimal Debian install, then add the packages you need
> incrementally.
I would start with that too.
> Package removal is never an exact rollback of package installation.
Well it should be able to be, although I agree sometimes it isn't.
> Then add your IDS, customize whatever host based firewall.
> Disable IPv6.
I use that all the time. I think most of my internet traffic is IPv6.
Why would anyone disable that?
--
Len Sorensen
More information about the talk
mailing list