some tips on server linux server hardening

I used to setup various security measures when i was running the "big stuff" online
i never chrooted anything to be honest because it was complicated as it was plus I was just moving my internet faced servers
into virtulisation as i was leaving but had some machines running in vmware as this would be easy for me to get support for as things were getting fairly big from smallish company to enterprise 🙂
the servers i built from scratch gentoo boxes hardened kernel – hand built iptables firewall although we was behind a firebox i had full control of what was going in and out (real paranoid!) – very cut down install no X of course – remote secure logging with syslog-ng – tripwire (a must) – chrootkit on regular cron – snare or snort
and to top it all of very secure coding if you can !!!
most of the above programs sends emails so i used to get them on my phone any sign of tampering ssh straight into the logging server and see what the hells going down!!!
in them eight years i never had a hack – I had two mail servers online – 4 web servers – 4 database server (behind the firewall) and various other bits of kit – we did play with a honeypot!
When you start playing try bastille – its a script that locks down a box, the thing is you can see the kind of things it starts locking down so puts you in the frame of mind of lock down 🙂 hey you got to start somewere!
then get loaded up with some tools go to a friends hows get some beers and try crack it 😉 if you get in then your server wants setting up properly 😉 various goodies to hit it with are available if you want something fast nmap it see if the ports are shut properly then nessus it this will tell you if its vunerable or actually just kill the box then you know it isnt setup right 😉
plenty of howtos about that will help you more on google …
as there are plenty of other things to tighten security :

* User Account Administration
* Filesystem Security
* System Resource Limits

always have a backup always have a plan for that day when you come in and your web page says hAckEd bY……

Regards
Wayne 🙂

 

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.