Configuration recommendations of a gnu/linux system

Unix operating systems and derivatives, including GNU/Linux, are playing an important role in the ecosystem of equipments, systems, networks and telecommunications. They are widely deployed in several equipments. This guide focuses mainly on generic system configuration guidelines and on common sense principles that need to be applied during the deployment of hosted services.

GNU/Linux distributions are highly heterogeneou, the control of the system platform is a complex task; expertise becomes really necessary as the number of services and servers increases.

However, some hardening measures can be implemented based on the expected security level, which will depend on the sensitivity of the data handled or hosted by the system and the robustness of access controls realized in order to access to resources.

A publicly exposed service with low access control and handling sensitive data (transfer email server, corporate web server, etc.) requires an enhanced security level, perhaps even high. Conversely, a backup server on an isolated network and accessible only to a few people may require a lower level of security.
The recommendations of this guide are given based on an estimated level of hardening.

A new version of this document is available (in French only at the moment) here

  • pdf

    Configuration recommendations of a gnu/linux system - v1.2 - obsolete

    1.27 Mo