| by Scott Kilroy | No comments

Linux Security

"Yes, I'm paranoid — but am I paranoid enough?" ― David Foster Wallace, Infinite Jest

Hardening Public Servers

  • Install system accounting On Debian based systems run 'apt-get install acct' then you can use commands lastcomm and sa to see who ran various comands. Also a log file will be writen to /var/log/account/pacct
  • Remove compilers from production severs use the command 'apt-get --purge remove gcc'
  • Setup remote logging See http://www.thegeekstuff.com/2012/01/rsyslog-remote-logging/ to find out how

Install fail2ban

Linux.com has a good intro to fail2ban

http://www.linux.com/learn/tutorials/469597-weekend-project-keep-out-repeat-offenders-with-fail2ban-on-linux

Share Button

no related pages

Leave a Reply