Forum OpenACS Q&A: Response to How much time does it takes to set up bboard from scratch

If you run redhat recompile the kernel as soon as you download it.

I updated some links on my (very old) doc at

These are no where near complete and one day I hope to update it. At a minimum add the grsecurity fixes and recompile without modules. You don't need modules, the distros use them to allow more hardware to be supported. Modules suck, they are a security flaw, did I mention that modules suck?

  • Get up2date if you can't/don't have experience upgrading software.
  • Delete most of what is in /etc/xinetd.d/.
  • Add another user with an id of 0 and never login as root.
  • Run Tripwire before you go on the net as you will be probed within minutes of plugging the cable in.
  • get and install portsentry and logcheck. Learn to love reading your logs, you will soon find out what is not normal (like login from root).
  • NMAP is your friend (just make sure you don't have an automatic lockout program such as portsentry running or you will lock yourself out.)
  • Nessus is your friend
  • Snort can be a good buddy
  • Build a firewall (smoothwall is excellent) and use it in front of your real box. You don't need to buy someones proprietary box.
  • SSH is your wife. Don't allow anyone to talk you into ftp/telnet.
  • Get on Redhats update list
  • Follow some security sites DAILY
  • there is more, but you get the idea.
  • Most of this applys to ANY OS.