LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 03-27-2012, 08:02 AM   #1
ramecare
Member
 
Registered: Feb 2011
Posts: 176

Rep: Reputation: 0
securing linux server


Dear all,

Iam working on a remote linux server and my question is other than iptables firewall what are all the ways to protect a linux server from hackers and how to secure apache,ssh and ftp,can any one assist me how to secure a linux server from hackers.


Thanks&Regards,
 
Click here to see the post LQ members have rated as the most helpful post in this thread.
Old 03-27-2012, 09:17 AM   #2
TB0ne
Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 13,772

Rep: Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346
Quote:
Originally Posted by ramecare View Post
Dear all,
Iam working on a remote linux server and my question is other than iptables firewall what are all the ways to protect a linux server from hackers and how to secure apache,ssh and ftp,can any one assist me how to secure a linux server from hackers.
Thanks&Regards,
Here's a few helpful steps to get you going:
  • Go to http://www.google.com
  • Type "how to secure a linux server" into the search box
  • Press ENTER
  • Read results
You will see such things as this:
http://www.wikihow.com/Secure-a-Linux-Server

If you want specifics, try typing the same string above, but putting a service after it, like "how to secure a linux server apache". You'll see things like this:
http://www.thegeekstuff.com/2011/03/apache-hardening/

Repeat with each service. Since you don't tell us what version/distro of Linux, what you've done/tried, what your environment, network, and existing firewalls are like, there's no way we can give you ANYTHING more than a basic answer, which you could look up yourself.

Last edited by TB0ne; 03-27-2012 at 09:18 AM.
 
Old 03-27-2012, 12:25 PM   #3
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,120

Rep: Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776
Quote:
other than iptables firewall what are all the ways to protect a linux server from hackers and how to secure apache,ssh and ftp
This is a good question, one which has a multitude of answers, but not no one right answer. TB0ne's suggestion is ultimately the correct way to go, in as much as you will need to read, research, learn and apply. Getting started can be a difficult, especially as the subject of "how to secure a server" is so broad, which leads me to the most important question you need to ask: "what am I trying to protect against?" You mention "hackers" or as they are more appropriately known as "crackers" but even this isn't specific enough. The other major concept you need to understand is that security is an ongoing process, it isn't a set of settings, it isn't a firewall, and there isn't an application you can run that will keep them out. In the general sense, what you need to do is raise the bar to entry high enough that the average "hacker" and script kiddie goes elsewhere. I am going to borrow from an earlier post of mine from today, which I encourage you to read.

Securing your server must be done in layers and as I mentioned it is a process. Part of the process is keeping watch on what is happening with your server. As I mentioned in that other post, you can use various intrusion detection tools such as Aide, Ossec, Samhain, Tripwire. These really should be installed at the onset on a known clean system. You can monitor the network traffic itself with an application like Snort. In both cases, you may want to get alerts regarding anomalies or changes in your system and can take action if something unexpected happens. You should monitor your log files regularly and Logwatch will help with this. You should operate with the least amount of privilege required and avoid using root except when necessary. You should use strong passwords and only open services to the public that you are required to. Limit the permissions on files and folders and consider using umask to set more restrictive default ones.

Lets discuss the applications you mention. SSH is pretty well known how to make it reasonably secure and it amounts to not allowing root access, use key based authentication, and short circuit attempts at entry. Apache is very dependent upon the application you are running, but you need to be careful of PHP, Perl or any other script. Make sure that any info that is received from a user is properly sanitized. Consider mounting /var and /tmp in separate partitions (so that an intruder can't overflow the entire drive) and set options in your mounting table to disallow binary execution, setuid, or device creation (note this is counter productive to chroot environments). Don't use web based configuration tools or if you do keep them private or require key based authentication. With regards to FTP, you should really reconsider it altogether. SFTP is a better choice as it has encrypted login, but unless you use key based auth, it is still subject to brute force passwords. Instead you might consider using SCP which works over SSH. You can run a vulnerability assessment against your system such as OpenVAS which will tell you what you are exposing to the world and if any of that information can be used against you. Lastly, you should keep things updated. The updates often times correct discovered exploits. All software has bugs and eventually someone discovers how to take advantage of them. Keeping your applications updated is the best defense against this.

If you were to apply these things, you would have a reasonably secure system, but the most important thing is that you continue to monitor what is happening and take corrective action when you see things are not as they should be.
 
2 members found this post helpful.
Old 03-27-2012, 01:19 PM   #4
salasi
Senior Member
 
Registered: Jul 2007
Location: Directly above centre of the earth, UK
Distribution: SuSE, plus some hopping
Posts: 3,860

Rep: Reputation: 768Reputation: 768Reputation: 768Reputation: 768Reputation: 768Reputation: 768Reputation: 768
In this very sub-forum (security), there are some stickies. Reading the security references would give you a good start.
 
1 members found this post helpful.
Old 03-28-2012, 07:02 AM   #5
ramecare
Member
 
Registered: Feb 2011
Posts: 176

Original Poster
Rep: Reputation: 0
I will take all ur suggesions and i'll work it out,Once again Thank u all for the suggesions.


Thanks,
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
What are the steps to and Procedure to follow for securing Linux Server??? sai.harikrishna Linux - Newbie 3 04-16-2011 04:45 AM
hardening \ securing \ auditing a linux server account Networking Linux - Security 15 09-22-2009 07:00 PM
hardening \ securing \ auditing a linux server account Networking Linux - Security 4 08-06-2009 01:20 PM
Setting up and securing a linux server my-unix-dream Linux - Security 7 06-22-2004 07:19 PM


All times are GMT -5. The time now is 12:19 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration