Wiki

User Tools

Site Tools

Trace: automatic_indentation_methods no_md_superblock_detected find_largest_and_smallest_directories encode_video_as_x265_hevc_10bit access_squid_log_files_via_ssh check_if_a_nvidia_gpu_is_found dkim_domain_keys_identified_mail use_pfsense_as_an_openvpn_client view_logs_since_the_current_boot drop_user
secure_ubuntu_system:introduction

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
secure_ubuntu_system:introduction [2016/07/11 21:44] – created petersecure_ubuntu_system:introduction [2020/07/15 09:30] (current) – external edit 127.0.0.1
Line 1: Line 1:
-====== Ubuntu Setup ======+====== Secure Ubuntu System - Introduction ======
  
-===== Introduction =====+{{:secure_ubuntu_system:secure-server-lock.png?100|}}
  
 This document describes the process of installing an Ultra Secure Ubuntu Server. This document describes the process of installing an Ultra Secure Ubuntu Server.
Line 28: Line 28:
   * Use appropriate tools to guarantee that unauthorized use is detected so that you can take appropriate measures.   * Use appropriate tools to guarantee that unauthorized use is detected so that you can take appropriate measures.
  
 +----
  
 ===== The Basic Security Tenet ===== ===== The Basic Security Tenet =====
 +
 +{{:secure_ubuntu_system:security-model.gif?200|}}
  
 The Basic Security Tenet is: The Basic Security Tenet is:
Line 39: Line 42:
 Hardening a server means, at the practical level, reducing as much as possible the attack surface, and monitoring what is exposed to detect intrusion. Hardening a server means, at the practical level, reducing as much as possible the attack surface, and monitoring what is exposed to detect intrusion.
  
-Hardening a system is much easier if you start from a minimalistic system and then add only the needed services.  Hardening a complex system is possible but has a higher cost and is much more complicated, since it is easy to forget some (apparently) harmfulness piece of software somewhere in the machine.  Even with modern packet managers, handling installed packages isn't an easy task.+Hardening a system is much easier if you start from a **minimalistic** system and then add only the needed services.  Hardening a complex system is possible but has a higher cost and is much more complicated, since it is easy to forget some (apparently) harmfulness piece of software somewhere in the machine.  Even with modern packet managers, handling installed packages isn't an easy task. 
 + 
 +----
  
 ==== Security requirements ==== ==== Security requirements ====
Line 54: Line 59:
   * Get management's sign-off.   * Get management's sign-off.
  
 +----
  
 ==== Security Objectives ==== ==== Security Objectives ====
Line 68: Line 74:
   * Monitor logs.   * Monitor logs.
  
 +----
  
 ===== Requirements ===== ===== Requirements =====
 +
 +{{:secure_ubuntu_system:checklist.png?100|}}
  
 To install such a system you will need the following: To install such a system you will need the following:
Line 78: Line 87:
   * A server with at least a single Ethernet card.   * A server with at least a single Ethernet card.
  
 +----
  
-===== Decisions to Make ===== +===== Continue =====
- +
-Items in RED should be changed to meet your requirements.+
  
 +Continue to [[Secure Ubuntu System:Decisions to Make]]
secure_ubuntu_system/introduction.1468273476.txt.gz · Last modified: 2020/07/15 09:30 (external edit)
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki