Readit News logoReadit News
muster commented on Show HN: I learned to code to launch my new startup   uncover.com/... · Posted by u/spencerfry
muster · 13 years ago
Spencer is my hero, really.

I'm learning how to program, and I am doing so, so as to get into the business of starting a startup, and he started a startup, and coded to fit into it. Amazed.

Well, Spencer, if you ever get to read this, please answer a few questions for me:

When did you begin writing programs/web design? Like, when did you get from 0 to where you are now, programmably?

What did you use to learn? What documentation/videos/resources?

Where now? Now that you've designed this, do you feel a sense of accomplishment? Do you feel you have SO MUCH MORE to learn or did it fit the purpose you needed it for?

Thanks, congratulations, and good luck!@#

muster commented on How I spend my first 5 minutes on a server   plusbryan.com/my-first-5-... · Posted by u/solfox
robomartin · 13 years ago
I went through the article and then read every single post on this thread. I am not a security expert so I won't even try to contribute except to say that I see a lot of people offering criticism without taking the extra step of explaining how they would go about hardening a fresh Linux install (or a pile-o-servers in a rack, whatever is applicable).

It'd sure be nice for those of us who are not security experts to read alternative approaches rather than, paraphrasing and not picking on anyone, "using a firewall is dumb" or "blocking ssh is pointless".

I like isolated ideas such as using a script to completely automate the provisioning of new boxes. Kind of a no-brainer if you ask me. The problem is that such recommendations are not followed by something like "Here's the script I use on Ubuntu 12.04 LTS".

How about it guys? Would you care to attempt to produce a canonical HN "How to harden your server" reference?

Maybe one of the security experts on HN can start a repository on Github to evolve a canonical script. I'm pretty much 100% Ubuntu 12.04 LTS, so it is my hope that this is one of the platforms that is addressed.

I did some looking around and this is what I found (I am in no position to evaluate the merits of any of these at anything beyond an intermediate level):

https://github.com/bluedragonz/server-shield

https://github.com/eglimi/linux_hardening

http://www.cyberciti.biz/tips/linux-security.html

http://ubuntuforums.org/showthread.php?t=1002167

http://www.thefanclub.co.za/how-to/how-secure-ubuntu-1204-lt...

http://www.andrewault.net/2010/05/17/securing-an-ubuntu-serv...

http://ubuntuforums.org/showthread.php?t=1919111

https://help.ubuntu.com/12.04/serverguide/security.html

http://www.sans.org/score/checklists/linuxchecklist.pdf

http://nvd.nist.gov/scap/content/stylesheet/scap-rhel5-docum...

http://blogs.csoonline.com/ubuntu_lts_vulnerability_scrub_ag...

http://ubuntuforums.org/showthread.php?t=510812

muster · 13 years ago
Shocking that no one has mentioned the grsecurity project.
muster commented on Massive Dosing - the LSD Thumbprint   insanebraintrain.blogspot... · Posted by u/emillon
muster · 13 years ago
Brilliance.
m

u/muster

KarmaCake day5February 13, 2013View Original