Locking down system from hackers

My server was recently hacked using ptrace exploit which took advantage of hole in old Redhat 7.3 kernel. It looks like it used Apache user to copy programs to /var/tmp/.xpl direcory and run irc chat thing as well as DOS attacks on others.

I'm wondering if it is possible to lockdown system with assumption that holes will always be found. What I mean by this is, instead of using default users for everything and default permissions, isn't it possible to change these things so that it doesn't get hacked.

Standard policy for most people is do patches and upgrades as they become available. Users/Permissions are usually always default, though.

If I would have had password for Apache user, isn't it possible that I could have avoided being hacked even though I had kernel hole?

 

 

 

 

Top