Search This Blog

Tuesday, September 7, 2010

Linux Server hardening.

Today i have decided to put some more security for my linux machine.

Linux Hardening is a term used to do the same.

So how would i achieve linux hardening?

Well This question has different answers depending on which operating system,What level of security needed and Budget requirement (You heard it right).

Though there are lot of free tools available but when it comes to enterprise wide Server hardening you might need to shell out more money to buy firewall server and a softwares or resources to manage them.
Additionally you may need to deploy some other well known security tools to make your system intruder proof.Much like installing McAfee enterprise suite for your window based network.

Well In this article I m not going to talk about expensive ways to harden your system rather i will try to teach the hardening process in much simple and educational format.

So here we begin.

As the Hardening process requires you to modify configuration files Its a best practice to make a backup of configuration file with a name as .old.
This way if you make any mistake you can rollback later.
It is also advised to maintain the steps that are performed during hardening.

1) Decide on which service to start and stop.
This decision can play much important role.

If you are not going to transfer your files from your server to another server using FTP protocol,you are better to turn FTP service off.

Similarly other services can be made off.
How it works:
Please read the blog for more information.

Use of firewall to block the port.

In typical linux block firewall setting can be invoked using.(This can be different depending upon your distribution)

Disable the service itself.

Even though the port for particular service is blocked it is recommended to disable the service.

Telnet Service:
It is highly recommended to Disable this service However i have given a guide on how to enable the service.

Enable Telnet Service:
Disable telnet service :

FTP Service:
This service is used to tranfer files from your server to another machine.

Enable FTP Service:
Disable FTP Service:

SMTP Service:

Enable SMTP Service:
Disable SMTP service:

This service is used to send a mail .However hacker may use this service to JAM the network traffic or send spam mails.It is recommended to block this service if you are not using your server as mail server.
For disabling SMTP service you have to first know what message transfer agent (MTA) you are using?
This can be done using following bash

#ps -ef| grep -iE "sendmail|postfix|exim|courier|james|lotus|qmail|xmail|postmaster"

More on this coming soon.

Best thread for getting Additional useful information.

Disable Ctr+Alt+Delete.

Disable Ctr+Alt+Delete.

Automatic logout in case of inactivity.

Automatic Logout incase of inactivity.

Display a legal warning before login(SSH).

“Treat your password like your toothbrush. Don’t let anybody else use it, and get a new one every six months” – Clifford Stoll

No comments:

Post a Comment