Securing Ubuntu 14.04 LTS

satishtech

Could anyone tell me some really good steps to secure Ubuntu
and also test its security ?

shodown

1. Look into IP tables
2. Don't allow users to login as root
3. If its public facing put it in a DMZ
4. If in a cloud service and only internal company users need to access it, setup a VPN to it.

My cloud business is based off internet facing ubuntu server's learning how to lock them down with IPtables and fail to ban isn't that hard, but does require some time.

discount81

To give a basic run down

I generally block anything on the Firewall that is not required, including entire countries

Remove any services you don't need

Turn off SSH logins and use public key authentication
install modsecurity
install fail2ban
install rootkit hunter
install grsecurity
install snort

DoubleNNs

Install/Run LSAT (Linux Security Auditing Tool) as Post-Install.
Install rkhunter or chkrootkit and run periodically (cronjob?)

Install ClamAV as Anti-Virus and run periodically(cronjob?) (Might be more suited for desktops, not too sure)

Root login should be disabled by default, but have to set up sudo privileges for users other than admin.

I view monitoring tools and logging part of security.

BlackBeret

hardenubuntu.com
blog.mattbrock.co.uk/hardening-the-security-on-ubuntu-server-14-04/

devils_haircut

It would help to know what kind of server this is (LAMP, SFTP, email, etc.) and how it is situated (behind a hardware firewall? in your mom's basement?).