Router
This is your first line of defence
- Change default username and password
- Disable ICMP response
- Activate logging (and review regularly)
- Use MAC address authentication for wireless clients
Firewall
This is used as a emergency defence
- Activate out-bound firewall, ready to block all Athena ports
- Activate in-bound firewall, ready to block all Athena ports
MySQL server
- Delete all @% users
- Restrict root to localhost
- Restrict ragnarok to localhost, change password if necessary
- Restrict cp to localhost, change password if necessary
- Do not run any script before backing up data
Athena
- Change GM password in login_conf.txt
- Change admin password in login_conf.txt
- Server login accounts (safe as long as option "S" in the field "sex" is not open)
- Consider using MD5 passwords to prevent GM abusing login data
- Do not activate any script without thorough testing
Azndragon's ROCP
- Use a strong passphrase
- Disable register_globals in php.ini (might cause problem with other PHP scripts)
Server Host
- Do not use it as an internet client host (This is equivalent to opening used ports to the internet.)
Network Stations
- Do not grant trusted host status to any network station
- Increase security on all internet clients (Infected stations can be traffic hogs.)
|
|