How to Secure Linux Servers

hrdedicated
Site Admin
Posts: 50
Joined: Thu May 30, 2013 10:28 pm

How to Secure Linux Servers

Postby hrdedicated » Sat Jun 01, 2013 12:16 pm

How to Secure Linux Servers:

CSF :

Introductions:

Security configuration and set-up for Linux servers exposed to the internet: Any computer connected to the internet will require steps and precautions to be taken to reduce the exposure to hacker threats. Web, mail and DNS servers are especially vulnerable. Large operations will hide behind a CISCO firewall for most of their protection. The Linux server must be configured for network security and have its applications and services configured for security. This tutorial covers steps and tools which can be used to monitor and counteract hacker threats. Simply put, it is security risk management.

Security is a process, not a result. It is a process which is difficult to adopt under normal conditions; the problem is compounded when it spans several job descriptions. All the system level security in the world is rendered useless by insecure web-applications.


1. Install Firewall (APF or CSF Firewall with BFD)

Introduction:

CSF firewall commonly known as Configserver Security and Firewall has become one of the popular firewall not just because of its easy of use it also provides a cpanel interface and can be easily installed and tuned by any novice users. If you are running cpanel without firewall then CSF firewall is very much recommended, considering the security aspects of your server.

Important Features

• WHM Interface for CPanel
• Firewall Running Status
• Easy to Install and Administer
• Brute Force Attack Prevention
• One Click Server Security Checks
• Port scan prevention and blocking
• Intrusion detection system
• Easy Installation and Configuration
• IP Blocking and more.

Installation
============

Installation is quite straightforward:

1. Login to server as root

2. mkdir /root/download

3. cd /root/download

4. wget http://www.configser...om/free/csf.tgz

5. tar -xzf csf.tgz

6. cd csf

7. sh install.sh

8. Then start CSF service: service csf start

9. To stop CSF service: service csf stop

Next, test whether you have the required iptables modules:

perl /etc/csf/csftest.pl

Don't worry if you cannot run all the features, so long as the script doesn't report any FATAL errors

You should not run any other iptables firewall configuration script. For
example, if you previously used APF+BFD you can remove the combination (which
you will need to do if you have them installed otherwise they will conflict
horribly):

sh /etc/csf/remove_apf_bfd.sh

That's it. You can then configure csf and lfd by edit the files
directly in /etc/csf/*, or on cPanel servers use the WHM UI

Uninstallation

==============
Removing csf and lfd is even more simple:

On cPanel servers:

1. Login to server as root user
2. cd /etc/csf
3. sh uninstall.sh

Return to “Hostripples dedicated Servers (Linux/Windows)”

Who is online

Users browsing this forum: No registered users and 3 guests