Ubuntu Server Setup initial hardening / security

ally_ukally_uk Member Posts: 1,145 ■■■■□□□□□□
One for Nightshade, Tecromancer, Unixguy :)

Good afternoon guys

I am working on a Ubuntu Server project my progress so far is I have installed the operating system in a RAID1 configuration I have enabled the root account, updated the packages, configured a static IP address and have installed SSH for remote access the server is currently running headless.

My next challenge is securing the box and as we speak I am probably being hacked to death as I have no security or hardening on there at the moment. The questions I have are below.

When dealing with a fresh server install what are the first things you do / lockdown this would be a great help!

1) Root Access best approach should I disable the root account and setup a user with admin privilages
2) SSH best approach to secure? change the port number? key authentication?
3) Firewall best iptables or UFW? I want something easy to configure
4) Fail2ban? any good noob freindly guides
5) On Red Hat derivatives you have chkconfig is there a similar utility for Ubuntu to view all services

Any guides / best approaches on basic server hardening / securing would be greatly appreciated
Microsoft's strategy to conquer the I.T industry

" Embrace, evolve, extinguish "

Comments

  • JockVSJockJockVSJock Member Posts: 1,118
    For a quick fix, you can install BastilleLinux which are various scripts that can help secure a Linux Server. There are packages for Ubuntu here.
    ***Freedom of Speech, Just Watch What You Say*** Example, Beware of CompTIA Certs (Deleted From Google Cached)

    "Its easier to deceive the masses then to convince the masses that they have been deceived."
    -unknown
  • ally_ukally_uk Member Posts: 1,145 ■■■■□□□□□□
    Hey thanks that's good to know added to my reference :)
    Microsoft's strategy to conquer the I.T industry

    " Embrace, evolve, extinguish "
  • yzTyzT Member Posts: 365 ■■■□□□□□□□
    ally_uk wrote: »
    My next challenge is securing the box and as we speak I am probably being hacked to death as I have no security or hardening on there at the moment. The questions I have are below.

    Ok, now format the server and start over! :D

    First thing you have to do before put the server LIVE is to harden it.
Sign In or Register to comment.