Basic Security
 

Hey Everyone,

I had formatted my server to Linux 9 thrice, but it always get hacked after a couple of months.

As I am still a newbie, I do hope you can give me some advice as to how to configure or install any basic security features.

Please kindly include the steps in details. Thank you so much. :)

Regards,
MatchGirl

By Linux 9 I'll assume you mean Redhat 9? Upgrade, that distro is only about 7 years old...or so.

That's a wide question and the full answer depends on your system, environment, use, knowledge, etc. Actually there might be as many full answers as people who are willing to answer :)

Here are some very basic, very simple advices as a start point...

1. first of all, as cs-cam pointed out, install an up-to-date distribution and keep it up-to-date (kernel, software, etc...) using the distro update tool (yum, apt, up2date, emerge, etc.)
2. set a Real root password (other than '000' or 'abcde' or 'john' or your birthdate or your pussycat name... preferably one containing a mix of lower and upper case letters and digits like 'Hf4gpvJ8')
3. set real passwords for other users as well
4. keep all those passwords in your head and not anywhere else
5. make sure telnet and rsh services are disabled (those can be used to connect remotely sending cleartext passwords)
6. for other services, disable all those you're not using (samba, ftp, http, ssh, nfs, etc...)
7. for those services you're using and did not disable, pay particular attention to their configuration (non exhaustive list of examples: disable root login for ftp and ssh, disable write ftp access for anonymous users...)
8. eventually add a firewall that will block all ports (outgoing or incoming) which are not used. If you connect to internet through a router on a private lan, disable dmz on your router and forward to your machine only needed ports.

for ssh:
Disable Direct Root Logins & forcing the use of SSH protocol 2
RSA and DSA (keys) are protocols used for a more secure form of authentication than your password.