Introduction:

In this section we will cover things we can do to make

your server more secure.

Keep in mind there is no such thing as 100% secure

system and that is why you want to include regular
backups and auditing as part of your security plan.

If your server is connected to the internet there is

always a possibility that its security can be compromised
so the idea behind security is to minimize the attacks
on our system as much as possible.

If your security is tight then an attacker may move on

to an easier target.

- Below are things you want to implement and consider when

planning your system's security:

- Physical Security

- Keep the software up to date

# yum update

- Employ the Principle of Least Privilege

- Use Encryption

- Avoid Non-Secure Protocols

- Clean up your systems

# rpm -qa > /tmp/installedpackages.txt

- Minimize number of services per system

- Enfore a good password policy

# chage
# /etc/login.defs

- Disable root login

# /etc/ssh/sshd_config

- Disable Unneeded Services

# chkconfig --list (RHEL 6)
# systemctl list-unit-files (RHEL 7)

- Delete X Windows
# yum groupremove "X Windows System"

- Implement a Firewall
# firewalld daemon for RHEL 7 and iptables
Covered in detail in the Firewall section.

- Separate Partitions
/home
/tmp
/var
/
/boot

- Block SSH attacks

# /var/log/auth.log
# /etc/hosts.deny
# yum install denyhosts
Change default SSH port 22.

- Perform Security Scans and Audits

- nmap (yum install nmap)

- Nessus

- Use Sudo
# /etc/sudoers
# visudo

- Use lastlog
# lastlog
# lastlog -u username

Shows recent login info

- last command shows list of last logged in users

# last
# last username

- Additional Security Tools

Wireshark
Snort
Aircrack
John the Ripper

- Regular Backups
Free open source backup tools:
- Bacula
- rsnapshot
- DRBD
- Amanda