Software provides functionality and the ability to get things done, but it can also be used to destroy and attack a machine through vulnerabilities or misconfiguration. With the vast array of software available for Linux, it is easy to fall into the trap of installing a lot of interesting software that you may not necessarily need. The less software you have running on your Linux machine, the fewer potential vulnerabilities there are to exploit on your system. This basic truth is the basis for this chapter, and we will go over the steps you will be taking to harden your system. The first half of the chapter will discuss removing software that you may have installed or was previously installed that isn t needed for your server. The second portion of the chapter will discuss how to securely install new software that is required for your organization s objectives.
The steps you need to take to resolve this vulnerability are the following:
Identify required software
Determine software dependencies
Remove or restrict unneeded software
Install software securely
Test and monitor your system