Introduction to Network Security

Run sendmail in queue mode as a root cron job on machines that are not mail servers or relays. If the system is not a server or does not have to listen for incoming mail, rename the sendmail startup script, binaries, and configuration files and change their permissions to 000.

Logs

System logging is crucial for troubleshooting and tracking unauthorized user accesses. Ideally, logs should be kept locally as well as remotely on a central loghost that does nothing but accept and store log messages. Your network security policy should help dictate which events need to be audited. Logcheck and swatch are open source tools that system administrators can use to examine log files for unusual activity, based on key phrases or specially set string patterns. They can also send email to the system administrators, alerting them to possible unauthorized activity.

X-Window Environments

Since most servers do not require the use of windowing packages, remove the X Windowing environment on all servers to avoid introducing unnecessary vulnerabilities.

Distributed Server Functions

It is a good security practice to distribute the server functions of a network among separate systems. For instance, the DNS server should be separate from the mail server, which should be separate from the firewall, etc. A number of products include the software to run a web server, mail server, DNS server and other server functions all from the firewall. However, this presents a single point of failure for the network and therefore an avoidable vulnerability.
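
The key-phrase log review that Logcheck and swatch perform, sketched as an added shell example (not code from the original page or from either tool). The alert phrases, the ignore rule, the hostname and the log lines are constructed assumptions.

```shell
#!/bin/sh
# Added example: keyword-based log review in the style of logcheck/swatch.
# Patterns, hostnames and log lines are constructed for illustration.

# Phrases worth reporting, as one extended regular expression.
ALERT_RE='Failed password|Invalid user|authentication failure|ROOT LOGIN'
# Known-benign lines to suppress even though they match an alert phrase
# (assumed here: a backup host whose job retries with an old password).
IGNORE_RE='Failed password for backup from 10\.0\.0\.5 '

# Constructed syslog-style sample; a real run would read the auth log instead.
sample_log() {
cat <<'EOF'
Mar  3 02:11:07 web1 sshd[812]: Failed password for root from 203.0.113.9 port 40221 ssh2
Mar  3 02:11:09 web1 sshd[812]: Failed password for root from 203.0.113.9 port 40221 ssh2
Mar  3 02:11:15 web1 sshd[815]: Invalid user admin from 203.0.113.9 port 40230
Mar  3 02:15:00 web1 CRON[901]: (root) CMD (/usr/sbin/sendmail -q)
Mar  3 02:20:41 web1 sshd[930]: Failed password for backup from 10.0.0.5 port 51514 ssh2
Mar  3 03:02:18 web1 sshd[977]: Accepted publickey for alice from 192.0.2.10 port 50022 ssh2
Mar  3 03:40:52 web1 sshd[990]: Failed password for invalid user test from 198.51.100.7 port 33012 ssh2
EOF
}

# scan_log FILE: print lines that match an alert phrase and no ignore phrase.
# "|| true" keeps a clean log (no matches) from looking like a failure.
scan_log() {
    grep -E -- "$ALERT_RE" "$1" | grep -E -v -- "$IGNORE_RE" || true
}

# top_sources FILE: "address count" per source of alert lines, busiest first.
top_sources() {
    scan_log "$1" | sed -n 's/.* from \([0-9.]*\) port .*/\1/p' |
        sort | uniq -c | sort -k1,1nr -k2,2 | awk '{ print $2, $1 }'
}

# Build the report an administrator would receive; piping it to the site's
# mailer is left out so the example runs offline.
log=$(mktemp)
sample_log > "$log"
echo "Alert lines:"; scan_log "$log"
echo "By source:";   top_sources "$log"
rm -f "$log"
```

Run on the central loghost as well as locally, the same scan still reports even if the logs on the originating machine have been altered.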