John A 1,896 Vampirical Lurker Team Colleague

[IMG]http://rightonthruhere.thejefffiles.com/linuxsecurity/tux.jpg[/IMG]
Linux server security guide

A lot of servers out there use Linux. It's powerful, free, easy to use, and it's secure (a little bit of sarcasm there :cheesy:). How secure though? Actually, without the right knowledge and procedure, your server could be one of the many vulnerable servers out there on the Internet right now. And hackers can find you, too! So, what can you do about it?

The Firewall
The very first thing you should do is make sure you have a firewall running. It's the first line of defense security-wise, against hackers and other threats.

Many routers come with built-in firewalls. Although these aren't as configurable as Linux firewalls, they can be used, and are very easy to set up. If you're using your router as the internet gateway, then sure, go ahead and use it as a firewall.

For Linux, one of the most popular and configurable firewalls is Iptables. Check to make sure you have it installed, and if not, open up your package manager and install it.

Now you need to configure and enable it. Configuring Iptables is quite a task, so if you're willing to put a lot of time and effort into it, try checking out the following articles:
http://www.cae.wisc.edu/site/public/?title=liniptables
http://www.governmentsecurity.org/archive/t1476.htm
[IMG]http://rightonthruhere.thejefffiles.com/linuxsecurity/iptables.png[/IMG]
iptables before any rules have been added

Quite often I don't have enough time to do this, especially when there are lots of ports to open and close, depending on what daemons I'm running. For an easier configuration, I use Firehol. It's a shell script that reads a simple configuration file and then automatically configures Iptables. It's very easy to use, and I suggest you look into it if you find the Iptables configuration too daunting.

Now that you've done that, you can move on to some finer details.

Services
Services, sometimes known as daemons, are programs that run in the background, constantly doing tasks. On a server, common daemons include Apache (webserver)/PHP/MySQL, FTP (file transfer), and SSHd (remote login). These programs have all been written with internet security in mind, but there are still vulnerabilities. There are ways to minimize them.

One of the best ideas is this: don't run services that you don't need. If you aren't running a webserver, don't run Apache. If you don't ever use the SMB protocol, turn off Samba. It's as simple as that. You can check which services and processes are running by using the ps command. For example:

ps aux | more

will print every single process running on the machine. Make sure that there aren't any unneeded ones.
[IMG]http://rightonthruhere.thejefffiles.com/linuxsecurity/services.png[/IMG]
listing the services
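
As an added example (not part of the original post), the shell function below narrows that process listing to the daemons this guide names and reports any that are running but are not on your list of needed services. The process names, the sample listing and the "needed" list are assumptions; adjust them to your distribution.

```shell
#!/bin/sh
# Added example: flag well-known network daemons that are running but not needed.
# The process names are assumptions about a typical distribution's packages.

# Common process names for the daemons the guide mentions:
# Apache, MySQL, FTP, Samba and SSHd.
KNOWN_DAEMONS="apache2 httpd mysqld vsftpd proftpd smbd nmbd sshd"

# unneeded_daemons "NEEDED LIST"
# Reads process names on stdin (one per line, as printed by `ps -eo comm=`)
# and prints every known daemon that is running but absent from the needed list.
unneeded_daemons() {
    needed=" $1 "
    sort -u | while read -r name; do
        case " $KNOWN_DAEMONS " in
            *" $name "*) ;;              # a daemon we track, keep checking
            *) continue ;;               # ordinary process, ignore it
        esac
        case "$needed" in
            *" $name "*) ;;              # explicitly needed, nothing to report
            *) printf '%s\n' "$name" ;;  # running, but nobody asked for it
        esac
    done
}

# Constructed sample of `ps -eo comm=` output for a machine that is only
# supposed to offer SSH and a web server.
sample_ps() {
    cat <<'EOF'
init
sshd
apache2
apache2
smbd
nmbd
bash
vsftpd
EOF
}

# Audit the constructed sample; prints nmbd, smbd and vsftpd.
audit_sample() {
    sample_ps | unneeded_daemons "sshd apache2"
}

# On a live server: ps -eo comm= | unneeded_daemons "sshd apache2"
audit_sample
```

Anything the function prints is a candidate to stop and disable; an empty result means none of the tracked daemons is running unexpectedly.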

Also, keep your software updated with the latest bug fixes and patches. Developers are constantly releasing new versions and security updates. Having old services running means that you can get exploited very quickly.

Passwords
One of the top ways systems get hacked is through guessed passwords. Don't choose bad passwords. A good password policy for a server would be that every password has to have at least 2 numbers and letters, and the total length should be no shorter than 6 characters. For example, if your name was Smith:

mrsmith

would be a very bad password. A much better one would be:

2thed1ctiionary

It's fairly easy to remember, has 2 numbers, and is 15 characters long. Passwords should also get changed every month.

Social
Another method hackers use is social hacking. This may include getting physical access to the server, pretending to be the boss, and then getting a secretary at a company to give up the password, among others. Make sure that the server is in a secure place, and that the passwords are kept secret.

Conclusion
Even Linux is not "secure" (at least, not at first). But with a little bit of work, you can turn your machine into something fairly difficult to break into.

Hope this helped