Linux Security

GNU/Linux Server Security – The Initial Steps

Below are the steps, with links to the tools, that you can use to secure your GNU/Linux server.

Server Security:

1) If you do not have cPanel / Webmin and are not comfortable with iptables rules, you can use APF http://www.rfxn.com/projects/advanced-policy-firewall/; if you have cPanel, go for http://configserver.com/cp/csf.html. Both utilities provide an easy-to-use interface for configuring firewall rules.

2) You can use more tools from this page http://www.rfxn.com/projects/

3) On server where you are not using cpanel you can use.

4) Mail monitoring: both cPanel and APF support mail monitoring.

5) For HTTP security, install Mod_Security http://www.modsecurity.org/. It's a great tool to keep script kiddies at bay.

6) Tighten the security on SSH by changing its default port to some other port.

7) Disallow root logins through SSH.

8) Create an IP allow list so only a few people can access SSH.

9) Turn off your telnet service and also set SSH to use version 2 only.

10) For web app security, use PHP+SUEXEC. This makes each user's PHP scripts run as that user's username instead of running all PHP scripts as user nobody.

11) Change the default SSH port from 22 to some other port.

12) Use rkhunter http://www.rootkit.nl/projects/rootkit_hunter.html to check for rootkits on the server. Set up cron to run it once every 24 hours and email you the results.

13) If you are using cPanel, then you should use http://configserver.com/cp/cxs.html

14) Install SpamAssassin and enable RBL lookup in it; this will help to control spam.
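
The SSH steps in the list (6 through 9, and 11) can be checked mechanically. The script below is an added example, not part of the original post: it audits an sshd_config file for a non-default port, root login disabled, an allow list, and protocol version 2. The function names, the sample configs, and the choice of AllowUsers user@host as the allow-list mechanism are assumptions.

```sh
#!/bin/sh
# Added example: audit an sshd_config against the SSH steps in the list above.

# Print every value set for KEYWORD in the global section (before any Match block).
sshd_values() {  # usage: sshd_values FILE KEYWORD
    awk -v key="$2" '
        /^[ \t]*#/ { next }                  # skip comment lines
        tolower($1) == "match" { exit }      # Match blocks are conditional; stop here
        tolower($1) == tolower(key) { $1 = ""; sub(/^[ \t]+/, ""); print }
    ' "$1"
}

# Print one FAIL line per unmet step; return 0 only if every check passes.
audit_sshd() {  # usage: audit_sshd FILE
    rc=0
    ports=$(sshd_values "$1" Port)
    # Steps 6 and 11: no Port line means the default, 22.
    if [ -z "$ports" ] || echo "$ports" | grep -qx 22; then
        echo "FAIL port: sshd listens on the default port 22"; rc=1
    fi
    # Step 7: sshd uses the first value it reads for this keyword.
    root=$(sshd_values "$1" PermitRootLogin | head -n 1)
    if [ "$root" != "no" ]; then
        echo "FAIL root: PermitRootLogin is '${root:-unset}', expected 'no'"; rc=1
    fi
    # Step 8 (assumption: the allow list is kept in sshd as AllowUsers user@host,
    # not in the firewall).
    if ! sshd_values "$1" AllowUsers | grep -q '@'; then
        echo "FAIL allowlist: no AllowUsers user@host entry"; rc=1
    fi
    # Step 9: releases that only speak version 2 need no Protocol line.
    proto=$(sshd_values "$1" Protocol | head -n 1)
    case "$proto" in
        ""|2) ;;
        *) echo "FAIL protocol: Protocol is '$proto', expected '2'"; rc=1 ;;
    esac
    return "$rc"
}

# Constructed sample configs (192.0.2.10 is a documentation address).
weak=$(mktemp); hardened=$(mktemp)
trap 'rm -f "$weak" "$hardened"' EXIT
printf 'Port 22\nPermitRootLogin yes\nProtocol 2,1\n' > "$weak"
printf '# hardened\nport 2222\nPermitRootLogin no\nAllowUsers admin@192.0.2.10\nProtocol 2\n' > "$hardened"

echo "== weak ==";     audit_sshd "$weak" || true
echo "== hardened =="; audit_sshd "$hardened" && echo "all checks passed"
```

Point audit_sshd at /etc/ssh/sshd_config on the server to check the live configuration; settings inside Match blocks are deliberately ignored because they apply only to matching connections.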