Maintaining Linux Server is important to protect our data from hackers. But securing the server does not need to be complicated. We must adopt a method that will protect our servers from the most frequent attacks along with efficient administration.
1.Install what you need
The first rule is to make sure your server is leaning and meaningful. Install only the package you need. If there is an unwanted package; clean up. The smaller the package the less likely the code is unpatched.
2. Turn on SELinux
Security-Enhanced Linux (SELinux) is an access control security mechanism provided in the kernel.
SELinux provides 3 basic modes of operation :
- Enforcing: This is the default mode that allows and enforces SELinux’s security policy on the machine.
- Permissive: In this mode, SELinux will not enforce security policies on the system, only warn and log actions.
- Disabled: SELinux is turned off.
It can be managed from ‘/etc/selinux/config’ file, where you can enable or disable it.
3. Secure console access
You must protect the Linux server console access by disabling the boot from external devices such as DVD / CD / USB pen after BIOS setup. Also, Set BIOS and grub alarm passwords to protect this setting.
4. Restrict using old password
We may block users from using the same old password. The old password file is located in / etc / security / opasswd. This can be done using the PAM module.
5. Check listening ports
Use ‘netstat’ command to view open ports and and corresponding services .
6. Disable root login
It is not recommended to ssh to your server as a superuser (root). We have to disable ssh as root user on server, but before doing so, let’s create user with sudo power so you can ssh to server and perform administration tasks. Once you log in to the server, you can always switch users to the root, if needed.
7. Change the port
We can change the default SSH Port to add a layer of opacity to keep your server safe . Open the /etc/ssh/sshd_config file replace default Port 22 with different port number say 1110 save & exit from the file
8. Disable Ctrl+Alt+Delete in Inittab
Hitting Ctrl+Alt+Delete will take your server to rebooting process. So this is always advisable to disable this as someone can mistakenly reboot the system.
The ctrl+Alt+Del action is defined in /etc/init/control-alt-delete.conf
9. Password-less login
We can easily login to our server through SSH without any password by generating the ssh-keys. Just be careful that you can log into your server only from that machine on which you generated the ssh keys.
10. Fail2Ban for SSH login
Fail2ban works by dynamically altering the firewall rules to ban addresses that have unsuccessfully attempted to log in a certain number of times.
Feel free to contact E-SPIN for the solution for your system and operation to reduce risk of your businesses and organization. We can secure and protect your businesses with our various software security technology, include server security technologies and solutions.