Network Security

Red Hat Linux

Based upon what's being reported, I'd guess this machine is used as an email server with a web interface.

The first course of action is to determine which of the discovered services are actually needed, and then disable the ones not in active use.

The second course of action is to determine the actual version numbers of the services. Version numbers reported in headers are notoriously unreliable [B1 p13], and many of the recommendations in the report are based upon banners.

The third course of action is to look at some things not in the report:

  • which version of PHP is installed
  • which SMTP server is installed, and in which version

The fourth course of action is to upgrade everything to the latest stable releases, and to recommend that the system administrator subscribe to the security bulletins and news lists from each of the relevant developers (Apache, PHP, SquirrelMail, the SMTP server).
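The first three steps can be carried out on the host itself rather than from scan banners. The script below is an added example, not part of the original report or assessment: the `NEEDED` allowlist, the sample listener list, the package names `httpd`, `php` and `squirrelmail`, and the path `/usr/sbin/sendmail` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. NEEDED is an assumed allowlist for a mail server with a web interface.
NEEDED="ssh smtp http https imap imaps"

# Constructed sample of listening services ("port/proto name"), not taken from the report.
SAMPLE='22/tcp ssh
25/tcp smtp
80/tcp http
111/tcp sunrpc
443/tcp https
6000/tcp x11'

# Step 1: read "port/proto name" lines on stdin and mark each KEEP or REVIEW.
classify_listeners() {
    while read -r port svc; do
        [ -n "$port" ] || continue
        verdict=REVIEW
        for n in $NEEDED; do
            if [ "$svc" = "$n" ]; then verdict=KEEP; fi
        done
        printf '%s %s %s\n' "$verdict" "$port" "$svc"
    done
}

# Names of the services that are candidates for disabling, space separated.
review_list() {
    classify_listeners | awk '$1 == "REVIEW" { printf "%s%s", sep, $3; sep = " " }'
}

# Steps 2 and 3: take versions from the package database instead of banners.
installed_versions() {
    command -v rpm >/dev/null 2>&1 || { echo "rpm not available" >&2; return 1; }
    rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE}\n' "$@"
    # The SMTP server is whichever package owns the sendmail-compatible binary
    # (path assumed; resolved first because it may be a symlink).
    rpm -qf "$(readlink -f /usr/sbin/sendmail)"
}

printf 'Review for disabling: %s\n' "$(printf '%s\n' "$SAMPLE" | review_list)"
installed_versions httpd php squirrelmail || true
```

On the real machine, feed `classify_listeners` the actual list of listening services instead of `SAMPLE`, and compare the `installed_versions` output against the banner versions quoted in the report.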

Under all circumstances I'd shut down sunrpc if at all possible [B2 chapter 3.3]. And the remote access to the X server is seldom needed. If my initial guess as to the use of this machine is correct, there's no need for remote access using X Windows - an ssh connection into the CLI is more than sufficient.

Some valid pieces of advice are given regarding the Apache web server and security certificates. It could be advantageous to implement these recommendations.