Nortel Networks NN43001-315 User Manual
Page 105
Linux Security Hardening
105
•
Choose software you use to remove or clean the viruses, as well as
send warning messages.
•
Choose software that uses a maximum of 10% of CPU for a scheduled
scan and 3% for an active scan.
BIOS setting and password protection
To secure the server, Nortel recommends the following:
•
Disable boot from CD or DVD drive in the Basic Input Output System
(BIOS).
•
Add a BIOS password. For information about adding a BIOS password
to the HP DL320 G4 server see
“Setting the HP DL320 G4 server
. For information about adding a BIOS
password to the IBM x306m server see
.
•
Add a boot loader password.
Removal of the Ctrl+Atl+Del keyboard shutdown command
The Ctrl+Alt+Del shutdown command is disabled.
Single-user-text-mode booting is disabled
This booting mode is disabled to prevent the unauthorized access of the
system.
Hardened communications by using secure protocols
Secure Shell (SSH) and its accompanying tools are included by default.
The secure protocols are also a replacement for some insecure protocols,
as shown in
Table 3 "Security communication protocols" (page 105)
Table 3
Security communication protocols
Insecure protocols (disabled)
Replacement secure protocols (supported)
telnet
ssh
rsh
ssh
rlogin
ssh
tftp
sftp
ftp
sftp
rcp
scp
Nortel Communication Server 1000
Linux Platform Base and Applications Installation and Commissioning
NN43001-315
02.09
29 October 2008
Copyright © 2007–2008 Nortel Networks
.