Re: Linux Hardening Tips
Posted:
Wed Jan 21, 2015 11:37 am
by SIbinPhilip
Hi,
Here are some tips for hardening your Server.
1. Encrypt Data Communication with password or using keys / certificates.
2. Minimize Software to Minimize Vulnerability. Remove unwanted packages from your system.
3. One Network Service Per System or VM Instance.
4. Keep Linux Kernel and Software Up to Date.
5. Use Linux Security Extensions. Selinux
6. User Accounts and Strong Password Policy like password aging, Restricting Use of Previous Passwords, Locking User Accounts After Login Failures, Verify No Accounts Have Empty Passwords and Make Sure No Non-Root Accounts Have UID Set To 0.
7. Disable root Login
8. Physical Server Security
9. Disable Unwanted Services
10. Delete X Windows , as it is not required in the server.
11. Configure Iptables and TCPWrappers
12. Separate Disk Partitions
13. Turn Off IPv6
14. Disable Unwanted SUID and SGID Binaries
15. Use A Centralized Authentication Service
16. Secure OpenSSH Server
17. Protecting Files, Directories and Email.
18. Keep /boot as read-only
19. Monitor User Activities
20. Disable Ctrl+Alt+Delete in Inittab.
Hope this might be helpfully.