Language Selection

English French German Italian Portuguese Spanish

Six Easy Steps to Make a Super Secure Linux Server

Filed under
Linux
HowTos

Curiously many Linux administrators out there are clueless about properly securing or configuring a server. The following steps can significantly increase the stability and security of any Linux server. These tips are all easy and quick to do as each can be completed in less than fifteen minutes!

1.) Installing latest security updates. Of course, Linux is an amazing OS- but all software has security issues. Enabling the automatic updates installation through a cron script is the most foolproof and easiest way to make sure that your server security isn’t compromised. You have no excuse to not install the most recent security updates- earlier packages are stored in the package archives just in case there is a compatibility or stability issue.

2.) Disabling root login via SSH. Admittedly, we all have been guilty of this occasionally. Let’s just face it, people like being able to easily and quickly log into the servers, and change important settings. However, if you are using password authentication, what is to keep others from logging into your system? Additionally, you shouldnt use password authentication on any Linux servers, to prevent someone else from logging into the server. Instead, activate RSA signed authorization keys. It is safer, since an attacker wont be able to guess and brute-force a login session.

Rest Here




More in Tux Machines

First Open Automotive Grade Linux Spec Released

Since its inception, the Linux Foundation's Automotive Grade Linux project has promoted itself as a collaborative open source project. With the release of the first AGL Requirements Specification for Linux-based in-vehicle infotainment (IVI), AGL has earned that description more than ever. Read more

Qt 5.4.2 Released

Today we have released Qt 5.4.2, the second patch update to Qt 5.4. In addition to improvements and fixes to Qt functionality it also packs new Qt Creator 3.4.1. Read more

diet4j: run Maven modules directly, and avoid gigantic JARs and WARs

Maven is great for breaking gigantic code bases into many little modules, with identified dependencies. This allows incremental builds etc. And then, to run that code, we usually put all together again into a uber-mega-JAR or WAR, or with mile-long class paths. While sometimes this makes sense, often it does not. diet4j can run command-line apps, and Tomcat web apps, similarly to how maven builds projects: simply specify the name of the top project, and diet4j assembles all the other JARs automatically for the run. E.g. if your project hierarchy looks like this:
    Project A
        Project B
            Project C
        Project D
you can say:
> diet4j A
which will read the POM in A.jar (in ~/.m2/repository, or a location of your choosing), determine run-time dependencies, then recursively look for B.jar, C.jar and D.jar, load them into separate ClassLoaders, hook up dependencies and jump on the main program (if it has one) of Project A. It may not be for all people, but it is for some who want to distribute changes incrementally, avoid rebuilding gigantic JARs every time some small change needs to happen, fit better into Linux-style package management etc. It’s also great for dynamically finding and loading modules without restarting the application. We’d love some feedback, it’s early days. http://diet4j.org/

today's leftovers

  • June 2015 Issue of Linux Journal: Networking
  • Dell Bets On Ubuntu
    Anyone who needs proof only needs to look at what Dell is doing these days. It’s cutting the chain that has bound them exclusively to Redmond and placing heavy bets on Ubuntu.
  • Kernel 4.1 RC6 Has Been Released
    Kernel 4.1 RC6 has been released, being a big release, full of updated drivers for SCSI, GPU, RAID, DM, and networking, architecture enhancements, XFS, OverlayFS and CIFS improvements, networking patches and updated documentation.
  • [Krita] Twenty-four hours to go…
    The current score is €2675 donated through paypal and €28,463 pledged on Kickstarter! That’s a total if €31,138. That’s seven-and-half stretch goals! Two, however, are already claimed by the choose-your-stretch-goal award.
  • Red Hat Leaders Named to 2015 CRN Women of the Channel List
    This marks the third year in a row that Rachel Cassidy, vice president of Global Partner Enablement, and Margaret-Ann Bolton, senior director of Global Partner Marketing, have been recognized by CRN for their leadership, vision, and dedication to channel programs. In addition, this marks the second year in a row that Cassidy has been recognized as one of CRN's Power 100. The Power 100 spotlights an elite subset of Women of the Channel honorees whose insight and influence in their respective companies help drive channel success.
  • Exploratory Testing and Fedora
    Being Fedora what we could define “a bleeding edge distro”, whenever we perform Exploratory Testing, we certainly have the opportunity to raise the quality of the shipped packages. I’d also say that this process must not substitute automated/scripted testing, which is a fundamental aspect of software development. Modern approaches like Test Driven Development and Behavior Driven Development can assure that the key parts of the application works as intended. Moreover, the Test Cases designed by Fedora QA are handy procedures that check whether the release criterion are met or not and assure that the main features aren’t affected by severe bugs. Indeed, Exploratory Testing is always helpful in order to highlight surprises which aren’t currently covered by common situations and recommended steps.
  • Updated color palette for Askbot mockups
    This is the updated color palette that I'm using for creating mockups for Askbot. This color palette comply with the Fedora color palette given here.
  • Updated mockups for Askbot
    According to the feedback received from the mentors, I updated the mockups that I have created for Askbot using colors used in the Fedora color palette and also giving more focus on the grid system. I have included some little user experience improvements also in these mockups and we are planning to discuss further on user experience of Askbot as well.
  • Cinnamon 2.6.x Will Be Added To The Default Repositories Of Linux Mint 17.2 And LMDE 2 In The Next Few Days
  • Vote now for your favorite hacker SBCs; maybe win one!
    Read our detailed post describing this year’s survey, and then fill out our short 2-minute survey. Pick your favorite three SBCs from this list or write-in your own alternatives, answer a few questions about what you’re looking for in a hacker board, and then enter the drawing for the chance to win one of 20 free SBCs.
  • Ubuntu Touch OTA-4 RC Has Been Released, The Final Version Should Reach The Bq Phones Next Week
    As you may already know, Canonical has worked a lot at Ubuntu Touch lately and the fourth update (OTA 4) is scheduled for release next week, the update being available only on the Bq Aquaris E4.5 Ubuntu Edition.
  • The Highlights Of The Ubuntu Touch OTA-4 Update
    The indicators icons have been all made monochromatic, the Address Book has received support for importing SIM contacts, a new settings panel and improved the first improved first time user experience for contact sync/import, the Messaging app has received support for group chat, the News scope has received an improved layout, the Today, Nearby and News scopes got support for keywords and scope tagging has been implemented.