Debian Sarge OS Hardening Level 1                                             page 1 of 1


After installation of your Debian Sarge system following the appropriate baseline
installation process, perform the following hardening tasks;

Configure appropriate login banners
         place the following in /etc/issue
***********************************************************************
                                        NOTICE
This system is to be used only by properly authorized persons for the sole use of
Mikrotec Internet Solutions. If you are not an authorized user, disconnect immediately.
All system activities are monitored for administrative and security purposes. Use of this
system implies consent to such monitoring and acceptance of responsibility to preserve
the confidentiality, integrity and availability of the resources accessed.
***********************************************************************
edit /etc/ssh/sshd_config and set Banner /etc/issue

    Review patch levels and be sure that any outstanding updates have been applied
·
    Review all startup services and shutdown any services that aren't required.
·
    Review all user accounts, remove any that aren't valid.
·
    Review logging and log rotation.
·
    Restrict open ports and access to ssh via network or host based firewalling
·
    perform appropriate service hardening as per documented procedures
·




Revision 1.3                      DS OS Hardening L1          Last modification 11/17/04
                                       Baseline