Security

TIPS

Disable password based SSH

• disable-password-authentication
• Also have a pass phrase for key authentication

//ubuntu To disable password authentication

//change to following setting in file /etc/ssh/sshd_config (default yes)

PasswordAuthentication no

• Restart SSHD service More at Key based logins

User

• Avoid using the root account
• Create unique accounts for each user
• Assign only necessary resource access to users (Check permissions regularly)
• Admin power only by sudo
• Sticky bits

Storage

• Disk encryption at rest
  • In ubuntu, during installation can choose encryption of disk
  • AFter install can use ecryptfs-utils and cryptsetup
  • home dir encryption
  • full disk encryption

Web Application

• HTTPS (Certificate)
  • letsencrypt
  • certbot

Network security

• Managing network ports

PORT scanning

//current machine

nmap -v -sT localhost

//o/p:

PORT STATE SERVICE

1036/tcp open nsstp

5900/tcp open vnc

//other machine

nmap -v -sT www.vrslick.com

PATCHES

• OS patches
  • Say Ubuntu Security Notice
• Software patches (check your application supports)

//debian

sudo apt update

sudo apt upgrade

//centos

yum update

HACKING

• If there is an intrusion/ attack alert, have some script which checks for inProgress important transactions like DB..etc & bring the server/ services down to disconnect machine from external sources.
• Use same script to disconnect server during night/ weekend/ non-required hours & connect back at specified time/ interval
• Have an detached regular back up
• Check, can we do kernel lock or prevent any further software installation by freezing packages?
• Login Alerts in MS teams..etc