Forums
FOSS Linux Q&A
Networking & Securi...
What are the best p...
 
Notifications
Clear all

[Solved] What are the best practices for securing a Linux system?

 
    Last Post
   RSS

1
16/02/2024 12:13 am
Topic starter

With all the security threats out there, I want to make sure my Linux system is locked down. What are some essential security measures I should implement? I'm particularly interested in firewall configurations and SSH security tips

Tech Tinker 
(@techtinker)
Byte Beginner
| 24Posts
8 11 4
Add a comment
Topic Tags
Linux Security
1 Answer
1
16/02/2024 10:54 pm

Here are some essential security measures you can implement, focusing on firewall configurations and SSH security:

Firewall Configuration

  1. Default Deny Policy: Start by setting your firewall to deny all incoming connections by default and only allow services that you explicitly want to be accessible from the outside.

  2. Uncomplicated Firewall (UFW): For a user-friendly way to manage your firewall, consider using UFW. It's less complex than directly using iptables and provides a good balance between functionality and ease of use. To enable UFW, you can use:

    sudo ufw enable

    Then, allow specific services as needed, for example:

    sudo ufw allow ssh sudo ufw allow http

  3. Service-Specific Rules: Be specific about which services you allow through the firewall. For instance, if you're running a web server, only allow HTTP (port 80) and HTTPS (port 443).

  4. Logging: Enable logging for your firewall to monitor any unusual or unwanted connection attempts. This can be done with UFW using:

    sudo ufw logging on

SSH Security

  1. Disable Root Login: Prevent direct root logins via SSH to reduce the risk of brute force attacks. Edit the SSH configuration file /etc/ssh/sshd_config, and set:

    PermitRootLogin no

  2. Use SSH Keys: Instead of password-based authentication, use SSH keys. They are more secure and less susceptible to brute-force attacks. You can generate an SSH key pair using:

    ssh-keygen -t rsa -b 4096

  3. Change the Default SSH Port: Changing the default SSH port (22) to something else can help reduce the number of automated attacks. In /etc/ssh/sshd_config, set:

    Port 2222

    Remember to allow the new port through your firewall and adjust any port forwarding settings if necessary.

  4. Use Fail2Ban: Fail2Ban is a tool that scans log files for multiple failed login attempts and bans those IP addresses for a specified duration. This is effective in preventing brute-force attacks.

  5. Two-Factor Authentication (2FA): Enhance security by implementing 2FA for SSH logins. This adds an additional layer of security beyond just the SSH key.

Regular Updates and System Audits

  • Keep Your System Updated: Regularly update your system and installed packages to ensure you have the latest security patches.

  • Audit Your System: Use tools like Lynis (a security auditing tool for Unix-based systems) to perform regular security audits and identify potential vulnerabilities.

I think implementing these measures will significantly enhance the security of your Linux system. I hope it helps!

Sravan 
(@sravan)
Script Novice
| 35Posts
0 23 0

@sravan Great advice.Thanks Sravan.

By Tech Tinker Topic starter 20/03/2024 10:27 pm
 
Add a comment
Forum Jump:
Next Topic  
Topic Tags:  Linux Security (2) ,
Share: