I'm afraid my only recommendation is not immediately useful, which is to start reading/skimming a 1,000 page book, Practical Unix & Internet Security, 3rd Edition by Simson Garfinkel et al. (http://www.amazon.com/Practical-Unix-Internet-Security-3rd/d...).
But that reference is only "a mile wide and an inch deep" (from the Amazon.com reviews).
How much time do you have? How much flexibility in choosing your OS (e.g. is OpenBSD or a Linux that really implements SELinux an option)?
And there are so many details today, like how do you get adequate entropy for your RNG on a VPS?
Gaaa!
http://www.amazon.com/Practical-Unix-Internet-Security-Editi...