Linux seems to be the most secure and powerful server, but remember nothing is secure in the world you have to make the thing secure, if you are running Linux server and not patched it than it may be compromise so the point is that an administrator should make the box secure from hackers (crackers). There are different level of security like application layer security means web application security like SQL-Injection, XSS.
Application layer security is not the point of this article, in this article I will discuss Linux server hardening security tips.
Use Strong Passwords
I consider that you have an idea about the importance of passwords and password based attack, so use strong password that has upper and lower case alphabet, numbers and special characters, try to make the password policy strict.
Use Cryptography
Cryptography the art of secrete communication, all the data that goes through network may be sniffed so use encryption technique to secure your data. Use OpenVPN is a cost-effective, lightweight SSL VPN. Use scp, ssh, rsync, or sftp for file transfer.
Avoid Remote Log Ins
As mentioned on the previous tip that data goes on the network may be captured, services like FTP, Telnet, and different file transfer protocols may be compromised so avoid using these services by a remote location if you need to use these services than you must use secure channel like use OpenSSH, FTPS etc.
Patched Management
here are different exploits available for different software(s) and services, so make sure to follow the patch management strategy to keep update your Linux kernel and all the software's and services running on that server. Keep up to date your OS to secure the Linux, if you have a question like why patch management and about patch management policies than follow the link to learn.
Use Intrusion Detection Systems
Firewalls has different limitation so use intrusion detection systems (IDS), you must be configure both network IDS (NIDS) and host IDS (HIDS) to protect the attacks like DOS,port scanning etc. We have discussed about IDS in different articles with detail click here to learn.
Use Linux Security Extensions
To secure the Linux kernel is the key point to secure the Linux server, there are various security packages available to provide the additional security to Linux kernel, try to use the software's like SELinux, AppArmor or GRSecurity.
Use Log Management
Use a strong log management policy to keep an eye on the changes and errors, beside Linux built in log management files there are different software's that provides auditing and log management policies.
Recommended reading: 20 Linux Server Hardening Security Tips
Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription or become our Facebook fan! You will get all the latest updates at both the places.
No comments:
Post a Comment