This is Gentoo's testing wiki. It is a non-operational environment and its textual content is outdated.

Please visit our production wiki at https://wiki.gentoo.org

Security Handbook

Warning
Much of the content of the Security handbook has not been modified since 2010 and may be a bit behind the times. Until further notice treat the content with caution.

The Security handbook is a step-by-step guide for hardening Gentoo Linux.

Find the individual parts below or view the all-in-one-page Security handbook.

Contents

Pre-installation concerns
Why is security an important part for every server admin?
Bootloader security
Tightening security of the bootloader.
Logging
Choose between (at least) three different system loggers.
Mounting partitions
/etc/fstab provides many security options.
User and group limitations
Control system resource usage.
File permissions
Securing local files.
PAM
Pluggable Authentication Modules.
TCP wrappers
Control access to services.
Kernel security
Instructions for securing the kernel.
Network security
Instructions for configuring network security options in the kernel.
Securing services
Help on ensuring system daemons are secure.
Chrooting and virtual servers
Isolating servers.
Firewalls
A guide on packet filtering.
Intrusion detection
How to discover if intruders have entered a system.
Staying up-to-date
Ensuring the latest security updates.

This page is based on a document formerly found on our main website gentoo.org.
The following people contributed to the original document: Kim Nielsen (author), John P. Davis (editor), Eric R. Stockbridge (editor), Carl Anderson (editor), Jorge Paulo (editor), Benny Chuang (editor), Sune Jeppesen (editor), Tiemo Kieft (editor), Zack Gilburd (editor), Dan Margolis (editor), and Joshua Saddler (nightmorph) on April 2, 2010.
They are listed here because wiki history does not allow for any external attribution. If you edit the wiki article, please do not add yourself here; your contributions are recorded on each article's associated history page.