[GTALUG] Linux hardening question
Kevin Cozens
kevin at ve3syb.ca
Tue Jun 27 19:53:02 EDT 2017
On 2017-06-27 07:37 PM, Truth Hacker via talk wrote:
> I am starting to go down the road to harden a Linux server, I am using
> the Ubuntu server image as my starting point.
[snip]
> Q: What service should I consider disabling from starting automatically.
Disable any service you won't need for what you are going to be doing with
the machine. :)
> I am reading up on iptable and also know about ufw, but not sure how
> to setup a good firewall, like what to block and not.
It depends on the extent to which you want to harden the machine. One way to
set up a firewall is deny everything by default then open the holes for the
services you need. firewalld is also a firewall related package I've been
running across lately.
Install logwatch and have it send the logs to you on a daily basis.
Use fail2ban to automatically firewall any machine who fails too many times
to login via SSH.
You may also want to "chmod 711 /etc", FWIW.
If you are really serious about hardening a machine read up on SELinux.
--
Cheers!
Kevin.
http://www.ve3syb.ca/ |"Nerds make the shiny things that distract
Owner of Elecraft K2 #2172 | the mouth-breathers, and that's why we're
| powerful!"
#include <disclaimer/favourite> | --Chris Hardwick
More information about the talk
mailing list