[GTALUG] Linux hardening question

Truth Hacker devguy.ca at gmail.com
Tue Jun 27 19:37:29 EDT 2017


Hi All,

I am starting to go down the road to harden a Linux server, I am using
the Ubuntu server image as my starting point.

I searched a few articles and compiled a list of things to do, so far
the stuff is a bit dated. So I was wondering if anyone has stuff ideas
to help me harden my system which I plan to use to host my website
using a VPS host.

So far I've got step for the following:

SSH / No root login, public key login
Using DenyHost to reduce brute force password hacking
Block port scanning
Disable PING response
Closing unused ports

Q: What service should I consider disabling from starting automatically.

Q: What program should I remove like (telnet) from my system.

I am reading up on iptable and also know about ufw, but not sure how
to setup a good firewall, like what to block and not.

Any other ideas or checklist would be appreciated.

Thanks,
TH


More information about the talk mailing list