[GTALUG] Linux hardening question
Truth Hacker
devguy.ca at gmail.com
Tue Jun 27 19:37:29 EDT 2017
Hi All,
I am starting to go down the road to harden a Linux server, I am using
the Ubuntu server image as my starting point.
I searched a few articles and compiled a list of things to do, so far
the stuff is a bit dated. So I was wondering if anyone has stuff ideas
to help me harden my system which I plan to use to host my website
using a VPS host.
So far I've got step for the following:
SSH / No root login, public key login
Using DenyHost to reduce brute force password hacking
Block port scanning
Disable PING response
Closing unused ports
Q: What service should I consider disabling from starting automatically.
Q: What program should I remove like (telnet) from my system.
I am reading up on iptable and also know about ufw, but not sure how
to setup a good firewall, like what to block and not.
Any other ideas or checklist would be appreciated.
Thanks,
TH
More information about the talk
mailing list