securitywing

Linux Security Basics

by 1 Comment

The purpose of the Linux security checklist is to help the Linux users, entry-level, to become familiar with the most common security vulnerability of Linux operations systems. As you know security checking needs to be verified against well established practices, the following steps are necessary to following before starting your Linux security checking.

  1. Version number of Linux
  2. How many users use the OS?
  3. How many applications are running in your server?
  4. What are the active services?
  5. If your sever physically secured
  6. Whether modification in Linux configuration needs to go through authorization from senior management
  7. What is your backup plan?
  8. If there is any antivirus software running
  9. Check the access control list of the routers and firewalls, if any, directly connected to your server
  10. Do not use Telnet and FTP since both transmit unencrypted text. Instead use SSH and SFTP for secure connection with other servers or networks.
  11. Power supply unit to your Linux server? Is there any emergency power supply?
  12. Temperature and environmental control of the server room. 

First of all, you need to gather some data from your OS by running a few commands. And then check the result with the best practices to harden the security settings.

 

linux security

In short, you have to do the following checking:

  • Linux administrative security:  File ownership control, password policy, access control to your server
  • Protection against attacks such as DOD and spoofing.
  • Blocking unwanted protocols that may pose a risk to your system

 

Visually check the following things:

Install all the third party software in a different file system other than that of root directory file systems.

The directories that should be checked are  /, /boot, /usr, /var, /tmp,

Things  you need to check up in command prompt

1. Detect and close unnecessary port:

For communication within and outside of your network Linux use tcp and udp ports. Try to identify which ports are necessary and then allow only the ports that are necessary for you. To get a list of active ports run the following commands:

# netstat –tulp

2. Scan your server:

Start a scan from another machine to learn what ports are in listening mode in your Linux server. Use the command:

# nmap -sTU <your host machine>

 3. Stop unnecessary services:

Run the command “chkconfig –list |grep on” to find a list of services that starts when you Linux boot up. Remember not to disable the run level services. Use the following command to stop a service permanently:

# chkconfig  (the name of the service)   off

Normally, xinetd.d is used to monitor and manage the network ports. If your xinetd.d is running, then find out which services are using it. The command to list the services using xinetd.d  is:

# chkconfig –list | awk

For example, if you are only worried about if any FTP ports are opened in your Linux, use the command chkconfig –list ftp to find if this service is still on and to disable it use “chkconfig telnet off” command. Instead of stopping the service you can completely remove that service’s package with “rpm -e telnet-server” command.

4.Limit the use of NFS

As you know that network file system or NFS is extensively used for sharing files and sharing file means allowing others access to your disk space. So, you need to limit the use of NFS. Only allow NFS when you need it. Otherwise, you can enable TCP wrapper with FHS. To check the status of NFS your system uses the command as follows:

# service nfs status

5. Su access control

Control the users’ access with the Su privileges by putting the root users in a group. The command to create a user group with super user permission is given below:

# groupadd rootmembers (users account name with root access)

The security tips given in this article are just the most basic, but important measures to secure your Linux.  If you want to be the master of Linux security then you need to have some more insights about all the Linux services and their functions. It is even better for you if you can learn about Linux kernel and buy a good book about administering Linux.

Update both the system and the application software

If your system is running with outdated OS,  you must update your OS and all the applications. An older version of OS is easy target for attackers because of well known security holes. To update a Debian based Linux use “apt-get update” command and to update CentOS use “yum update” command.

Related Posts:

Comments

  1. Hey There. I came across your blog using search.
    This is a really well written
    article. I’ll make certain to bookmark it and come back to read more of your
    useful information. Thanks a lot for the post.
    I’m going to be back 🙂

Leave a Reply

Your email address will not be published.

Syras is a telecommunication and IT security professional with over 10 years of experience in this field. He has been running his personal blog Securitywing.com since 2010. He has the following certifications:

  • CISA(Certified Information Systems Auditor)
  • CCNP(Cisco Certified Network Professional)
  • Prince2( Project Management)
  • Machine Learning

 

Copyrights

Protected by Copyscape Duplicate Content Detection Software

Securitywing.com reserves the copyrights of all of its published articles.No contents of this site is permitted to be published to anywhere else in the Internet.If any contents are found in any other websites, securitywing reserves the rights to file a DMCA complaint. But you have the right to use the link of any relevant article of this site to point from your website if you consider that it might improve the quality of your article.

Tags

audit AWS backup basics browser check cisco cloud computer configuration database email encryption firewall gmail hsrp ids iis informaiton internet it linux load balancing malware microsoft network protection redundancy risk router security security tips server ssh SSL switch test tools vpn vrrp web webserver website windows wordpress
banner