security

10 straightforward but proven ways to harden your LAMP servers

Over the years I have had to harden a great number of LAMP boxes, and I have found some methods work far better than others. I will now share my favorite 10 with you, along with methods to implement them on Debian/Ubuntu.

10. Lock SSH access right down. I do this by disabling root logins, disabling password authentication and using denyhosts.

To disable root logins, run vi /etc/ssh/sshd_config and look for the following line:

    PermitRootLogin yes

and change it thus:

    PermitRootLogin no

To disable password authentication (you will have to use public/private keys), run vi /etc/ssh/sshd_config and look for the following line (note it's commented out):

    #PasswordAuthentication yes

and change it thus:

    PasswordAuthentication no

To install denyhosts, do this:

    apt-get install denyhosts

Once installed it shouldn't need any configuration, but you can tweak the settings in /etc/denyhosts.conf if you wish.

9. Always use sudo for root access. This is one of the things Ubuntu does really well, and it's about time other distros did the same.
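A check for the two sshd_config changes in item 10, as an added example that is not part of the original post: it reports the value sshd would actually use, which matters because a commented-out line has no effect and the first uncommented occurrence of a keyword wins. The function names, the sample file and the choice to treat an unset keyword as "yes" are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit an sshd_config for the two settings from item 10.
# sshd ignores commented lines, matches keywords case-insensitively and
# uses the FIRST value it finds for a keyword, so a later
# "PasswordAuthentication no" does not override an earlier "yes".

# effective_value FILE KEYWORD DEFAULT
# Prints the first uncommented global value of KEYWORD (lower-cased), or
# DEFAULT if unset. Stops at the first Match block; Include is not followed.
effective_value() {
    awk -v key="$2" -v def="$3" '
        BEGIN { key = tolower(key) }
        { sub(/^[ \t]+/, "") }
        /^#/ || /^$/ { next }
        { split($0, f, "[ \t=]+"); kw = tolower(f[1]) }
        kw == "match" { exit }
        kw == key { print tolower(f[2]); found = 1; exit }
        END { if (!found) print def }
    ' "$1"
}

# audit_sshd FILE: returns 0 only if both settings are effectively "no".
# Assumption: an unset keyword is treated as "yes" (the conservative reading).
audit_sshd() {
    rc=0
    for kw in PermitRootLogin PasswordAuthentication; do
        val=$(effective_value "$1" "$kw" yes)
        if [ "$val" = "no" ]; then
            echo "OK   $kw $val"
        else
            echo "FAIL $kw $val"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample: root login fixed, password line still commented out.
sample=$(mktemp)
cat > "$sample" <<'EOF'
PermitRootLogin no
#PasswordAuthentication yes
EOF
audit_sshd "$sample" || echo "sshd_config still needs work"
```

On a live host, sshd -T prints the effective configuration as the daemon itself parses it, which also covers Include and Match handling that this file-only check skips.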

EnGarde Secure Linux: Launch Adds New Open Source Security

Today Guardian Digital announces the launch of the next generation of EnGarde Secure Linux, the first secure pure open source platform for managing the threats of the Internet in enterprise-class environments.

This secure platform, the bleeding-edge version of Guardian Digital's commercial portfolio, has been a staple for security enthusiasts, administrators and organizations for almost a decade.

EnGarde Linux platform combines open source tools for unprecedented security

ALLENDALE, NJ - MAY 8th - 2007 - Guardian Digital, Inc., the world's pioneer in open source security solutions, today announced the latest innovation of its product portfolio with the launch of EnGarde Secure Linux: Community Edition, a freely-available version of its award-winning platform solution for unprecedented enterprise security. EnGarde is the only enterprise-class, Linux-based secure platform for managing a complete Internet presence featuring Web-based management flexibility and SELinux functionality.
