using nmap, nessus against unixshell servers?


asamardzic
08-09-2005, 10:37 PM
I would like to test how well my server is hardened by using nmap and nessus against it from an outside machine (that I'm administering too) - is this OK with site policies? I wouldn't like to have the IP of this outside machine or network blacklisted...

Thanks.

matta
08-09-2005, 10:43 PM
It is ok to run security scans against your own server.

hoffman_c
08-10-2005, 01:35 AM
Oh, that might be a nice thing to start doing myself too. Let me know if you have a nice howto of how to go about doing that. I always just assume things are safe because they aren't M$, but I am probably mistaken.

asamardzic
08-10-2005, 11:38 AM
@matta: Thanks for your prompt reply.

@hoffman_c:
It's hard to give any specific security howto, because it all depends on your server setup, how aware/paranoid you want to be and the amount of time you have to devote to this project. For example, I have an iptables firewall employed on my server, then a setup where no username/password is allowed to go in plain text (SSH/NX for remote access, STARTTLS employed for SMTP and POP3) and further a network (Snort) and file-system (AIDE) IDS running; I spent a couple of days on configuring all of this and I consider it to be a reasonably (but not perfectly) secured system now. The procedure of hardening a server is ongoing, and tools like nmap and nessus have to be used along the way to check what is accomplished. You could probably find tutorials specific to your distribution on specific aspects of hardening servers or using scanners like nmap or nessus; on the other hand, for a general overview of the field, I'd recommend the "Open Source Security Tools" book from Prentice Hall's Open Source Series, available online at http://www.phptr.com/content/images/0321194438/downloads/0321194438_book.pdf.

Regards,
Alex
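
Added example, not part of any post in this thread: one way to turn the "scan, then check what is accomplished" step above into a repeatable check is to parse nmap's grepable output (`nmap -oG`) and compare the open TCP ports with the services the server is supposed to expose. The policy sets, the function names and the sample scan (a documentation address) are assumptions constructed for illustration.

```python
import re

# Constructed sample of nmap grepable output (as written by `nmap -oG`);
# 192.0.2.10 is a documentation address, not a real host.
SAMPLE_OG = """\
# Nmap scan initiated (constructed sample)
Host: 192.0.2.10 ()\tStatus: Up
Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 23/open/tcp//telnet///, 25/open/tcp//smtp///, 110/open/tcp//pop3///, 111/filtered/tcp//rpcbind///, 3306/open/tcp//mysql///\tIgnored State: closed (994)
"""

# Assumed policy, modelled on the setup in the post: SSH for remote access,
# SMTP and POP3 (with STARTTLS) for mail; everything else is firewalled.
EXPECTED_TCP = {22, 25, 110}
# Services that carry credentials in clear text (assumed deny list).
PLAINTEXT_ONLY = {21: "ftp", 23: "telnet", 512: "rexec", 513: "rlogin", 514: "rsh"}

def open_ports(grepable):
    """Return {host: {port: service}} for TCP ports nmap reported as open."""
    result = {}
    for line in grepable.splitlines():
        m = re.match(r"Host: (\S+) .*?\tPorts: ([^\t]*)", line)
        if not m:
            continue  # comment lines and "Status:" lines carry no port list
        host, ports = m.groups()
        for entry in ports.split(","):
            fields = entry.strip().split("/")
            # Field order: port/state/protocol/owner/service/rpcinfo/version/
            if len(fields) >= 5 and fields[1] == "open" and fields[2] == "tcp":
                result.setdefault(host, {})[int(fields[0])] = fields[4]
    return result

def audit(grepable, expected=EXPECTED_TCP):
    """Compare scan results with the policy; return a list of findings."""
    findings = []
    for host, ports in open_ports(grepable).items():
        for port, service in sorted(ports.items()):
            if port in PLAINTEXT_ONLY:
                findings.append((host, port, "plaintext service: " + PLAINTEXT_ONLY[port]))
            elif port not in expected:
                findings.append((host, port, "unexpected open port: " + (service or "unknown")))
        # A missing expected port usually means a firewall rule is too strict.
        for port in sorted(set(expected) - set(ports)):
            findings.append((host, port, "expected service not reachable"))
    return findings

if __name__ == "__main__":
    for host, port, note in audit(SAMPLE_OG):
        print(f"{host}:{port}/tcp  {note}")
```

Run it after each firewall or service change against a fresh scan of your own server; an empty result means the outside view matches the policy.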

brett
08-10-2005, 04:50 PM
Don't forget logcheck. Though I've found it more valuable for forensics than for security, there have been a few times where noticing anomalies in the log files has been helpful to prevent possible attacks.

Also, it's just nice to be sure you know your system is doing things right :)

Brett

dballant
08-10-2005, 07:32 PM
Also, remember tripwire can be very useful. If you do have any issues, you can also use tripwire to check what's going on.

asamardzic
08-10-2005, 08:25 PM
Just a note: AIDE is (almost) the same thing as Tripwire...