Removing Unnecessary Software Packages (RPMs)
A very important step in securing a Linux system is to determine the primary function or role of the Linux server. You need detailed knowledge of what is on your own Linux system. It is critical to review the default list of software packages and remove packages that are not needed or that don't comply with security policy. Once that is done, there are fewer packages to update and maintain when security alerts are issued and patches have to be installed. It is also good practice not to have development packages, desktop software packages (e.g. X Server) etc. installed on production servers. Other packages such as FTP and Telnet daemons should not be installed either unless there is a justified business reason for them (SSH/SCP/SFTP should be used instead).
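One way to turn that review into a repeatable check is sketched below. It is an added example, not part of the original post. It sorts installed package names into the three categories named above. The pattern lists and the function names are assumptions chosen for illustration; replace them with your own security policy.

```shell
#!/usr/bin/env bash
# Flag installed RPMs that fall into the categories discussed above.
# Reads package names (one per line) on stdin and prints
# "category<TAB>package" for each match. The patterns are illustrative
# assumptions, not a complete policy.
audit_packages() {
    local pkg
    while IFS= read -r pkg; do
        [ -n "$pkg" ] || continue
        case "$pkg" in
            telnet-server|vsftpd|proftpd)
                printf 'cleartext-daemon\t%s\n' "$pkg" ;;
            xorg-x11-server-*|gdm)
                printf 'desktop\t%s\n' "$pkg" ;;
            gcc|gcc-c++|make|gdb|*-devel)
                printf 'development\t%s\n' "$pkg" ;;
        esac
    done
}

# Constructed sample standing in for the output of: rpm -qa --qf '%{NAME}\n'
sample_packages() {
    printf '%s\n' openssh-server telnet-server vsftpd gcc openssl-devel \
        xorg-x11-server-Xorg bash coreutils
}

# With --live, audit the real RPM database; otherwise use the sample list.
if [ "${1:-}" = "--live" ]; then
    rpm -qa --qf '%{NAME}\n' | sort -u | audit_packages
else
    sample_packages | audit_packages
fi
```

Review each flagged package against the server's role before removing it, since removing a package also removes anything that depends on it.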
One of the first action items should be to create a Linux image…