LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-17-2010, 01:38 AM   #1
salimshahzad
Member
 
Registered: Dec 2009
Posts: 200

Rep: Reputation: 15
how to secure linux box


dear gurus,

we are using linux email server axigen past few years. we keep port open ssh and pop,smtp webmail etc. ssh use for remote trouble shooting. so through firewall it is globally accessable.

we notice many attacks coming to our machine, also some people try to enter in our system but failure.

as example see below a log come in messages file

Mar 17 09:19:50 sa1 sshd(pam_unix)[21231]: authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.51.13.120 user=root

how we can secure more. as per my understanding only good long strong password can stop to prevent from attacks.

kind regards
salim
 
Old 03-17-2010, 01:56 AM   #2
sohail0399
Member
 
Registered: Oct 2008
Location: Pakistan, Islamabad
Distribution: CentOS, Fedora, Solaris
Posts: 154

Rep: Reputation: 23
there are so many procedures can be follow accordinfg to the conditions:

1. disallow user as root through (user login as other user then su -)
2. you can also change default ssh port to other number
3. you can only allow specific IPs at firewall foe ssh (access control).
4. and password should be strong.
 
Old 03-17-2010, 02:40 AM   #3
freelinuxtutorials
Member
 
Registered: Oct 2009
Posts: 70

Rep: Reputation: 21
1.close unncessary ports
2.use iptables for packet filtering
3.use tcp wrapper, making /etc/hosts.deny to ALL:ALL then /etc/hosts.allow ,allow specific IPs only to connect.
e.g.
sshd: your.ip.here
4.don't permit root login on ssh
5.use strong passwords
6.you can try also change ssh port, let say make it 8022
7.patch your system

BTW,what's your firewall? If you can close ssh in public access, instead accessible only via VPN much better
 
Old 03-17-2010, 03:14 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,354
Blog Entries: 55

Rep: Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541Reputation: 3541
Also see http://www.linuxquestions.org/questi...tempts-340366/
 
Old 03-17-2010, 04:20 AM   #5
blacky_5251
Member
 
Registered: Oct 2004
Location: Adelaide Hills, South Australia
Distribution: RHEL 5&6 CentOS 5, 6 & 7
Posts: 572

Rep: Reputation: 56
Also, does your distro support SELinux or something similar? Enable it!
 
Old 03-17-2010, 04:43 AM   #6
arashi256
Member
 
Registered: Jan 2008
Location: Brighton, UK
Distribution: Ubuntu 12.04 / CentOS 6.5
Posts: 394

Rep: Reputation: 61
Fail2Ban is always a winner
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Secure your Linux box with MoBlock LXer Syndicated Linux News 0 02-16-2010 11:00 AM
LXer: Secure the Hell Out of Your Linux box LXer Syndicated Linux News 0 05-10-2008 02:30 PM
making, checking secure linux box archish Linux - Security 8 05-11-2004 02:29 AM
Want to secure your linux box..then read this? blessen Linux - Security 6 03-15-2004 11:50 PM
HOWTO: Secure and stealth your Linux Box! techchiq Linux - Security 23 01-11-2004 08:31 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 03:45 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration