Tuesday, August 2, 2016

Article on Securing a Linux Server

Thought this was a fun little blog by Cody Littlewood about Securing a Linux Server. He runs through the things he does in the first 10 minutes and I though they were worth listing out. Quite a bit of good discussion in the comments after it as well.

1.) Setup a strong root password
2.) Update your apt repositories
3.) Upgrade your patches via atp
4.) Add your user (so you don't ever use root again)
5.) Setup SSH key authentication (so eventually below we can eliminate passwords)
6.) Setup sudo for your user
7.) Enforce SSH key authentication (don't allow root login, eliminate password auth, ip filter)
8.) Setup your local firewall (don't forget your ip filter you added for ssh)
9.) Enable automatic security updates
10.) Enable fail2ban to block suspicious activity real-time
11.) Enable 2-factor authentication (like google authenticator)
12.) Enable a tool like LogWatch to ensure you are monitoring your logs

It's a good start to your Server Build/Hardening guide you should have.

More about neonprimetime

Top Blogs of all-time
  1. pagerank botnet sql injection walk-thru
  2. DOM XSS 101 Walk-Through
  3. An Invoice email and a Hot mess of Java

Top Github Contributions
  1. Qualys Scantronitor 2.0

Copyright © 2016, this post cannot be reproduced or retransmitted in any form without reference to the original post.

No comments:

Post a Comment