Options
Ubuntu Server Setup initial hardening / security
One for Nightshade, Tecromancer, Unixguy 
Good afternoon guys
I am working on a Ubuntu Server project my progress so far is I have installed the operating system in a RAID1 configuration I have enabled the root account, updated the packages, configured a static IP address and have installed SSH for remote access the server is currently running headless.
My next challenge is securing the box and as we speak I am probably being hacked to death as I have no security or hardening on there at the moment. The questions I have are below.
When dealing with a fresh server install what are the first things you do / lockdown this would be a great help!
1) Root Access best approach should I disable the root account and setup a user with admin privilages
2) SSH best approach to secure? change the port number? key authentication?
3) Firewall best iptables or UFW? I want something easy to configure
4) Fail2ban? any good noob freindly guides
5) On Red Hat derivatives you have chkconfig is there a similar utility for Ubuntu to view all services
Any guides / best approaches on basic server hardening / securing would be greatly appreciated
Good afternoon guys
I am working on a Ubuntu Server project my progress so far is I have installed the operating system in a RAID1 configuration I have enabled the root account, updated the packages, configured a static IP address and have installed SSH for remote access the server is currently running headless.
My next challenge is securing the box and as we speak I am probably being hacked to death as I have no security or hardening on there at the moment. The questions I have are below.
When dealing with a fresh server install what are the first things you do / lockdown this would be a great help!
1) Root Access best approach should I disable the root account and setup a user with admin privilages
2) SSH best approach to secure? change the port number? key authentication?
3) Firewall best iptables or UFW? I want something easy to configure
4) Fail2ban? any good noob freindly guides
5) On Red Hat derivatives you have chkconfig is there a similar utility for Ubuntu to view all services
Any guides / best approaches on basic server hardening / securing would be greatly appreciated
Microsoft's strategy to conquer the I.T industry
" Embrace, evolve, extinguish "
" Embrace, evolve, extinguish "
Comments
-
Options
JockVSJock
Member Posts: 1,118
For a quick fix, you can install BastilleLinux which are various scripts that can help secure a Linux Server. There are packages for Ubuntu here.***Freedom of Speech, Just Watch What You Say*** Example, Beware of CompTIA Certs (Deleted From Google Cached)
"Its easier to deceive the masses then to convince the masses that they have been deceived."
-unknown -
Options
ally_uk
Member Posts: 1,145 ■■■■□□□□□□
Hey thanks that's good to know added to my reference Microsoft's strategy to conquer the I.T industry
" Embrace, evolve, extinguish " -
Options
yzT
Member Posts: 365 ■■■□□□□□□□
My next challenge is securing the box and as we speak I am probably being hacked to death as I have no security or hardening on there at the moment. The questions I have are below.
Ok, now format the server and start over!
First thing you have to do before put the server LIVE is to harden it.