Ubuntu Server Setup initial hardening / security

One for Nightshade, Tecromancer, Unixguy

Good afternoon guys

I am working on a Ubuntu Server project my progress so far is I have installed the operating system in a RAID1 configuration I have enabled the root account, updated the packages, configured a static IP address and have installed SSH for remote access the server is currently running headless.

My next challenge is securing the box and as we speak I am probably being hacked to death as I have no security or hardening on there at the moment. The questions I have are below.

When dealing with a fresh server install what are the first things you do / lockdown this would be a great help!

1) Root Access best approach should I disable the root account and setup a user with admin privilages
2) SSH best approach to secure? change the port number? key authentication?
3) Firewall best iptables or UFW? I want something easy to configure
4) Fail2ban? any good noob freindly guides
5) On Red Hat derivatives you have chkconfig is there a similar utility for Ubuntu to view all services

Any guides / best approaches on basic server hardening / securing would be greatly appreciated

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

JockVSJock

For a quick fix, you can install BastilleLinux which are various scripts that can help secure a Linux Server. There are packages for Ubuntu here.

ally_uk

Hey thanks that's good to know added to my reference

yzT

ally_uk wrote: »

My next challenge is securing the box and as we speak I am probably being hacked to death as I have no security or hardening on there at the moment. The questions I have are below.

Ok, now format the server and start over!

First thing you have to do before put the server LIVE is to harden it.