background preloader

25 Hardening Security Tips for Linux Servers

25 Hardening Security Tips for Linux Servers
Everybody says that Linux is secure by default and agreed to some extend (It’s debatable topics). However, Linux has in-built security model in place by default. Need to tune it up and customize as per your need which may help to make more secure system. Linux is harder to manage but offers more flexibility and configuration options. Securing a system in a production from the hands of hackers and crackers is a challenging task for a System Administrator. This is our first article related to “How to Secure Linux box” or “Hardening a Linux Box“. 1. Configure the BIOS to disable booting from CD/DVD, External Devices, Floppy Drive in BIOS. Set GRUB Password to Protect Linux Servers 2. It’s important to have different partitions to obtain higher data security in case if any disaster happens. / /boot /usr /var /home /tmp /opt 3. Do you really want all sort of services installed?. # /sbin/chkconfig --list |grep '3:on' # chkconfig serviceName off # yum -y remove package-name 4. # netstat -tulpn 5.

Related:  Security/EncryptionRéseauServer and Sharing - How-To, Guides

Security in Ubuntu, Linux Mint and Debian: an explanation and some tips - Easy Linux tips project This website is being sponsored by Google Ads. Are you using an ad blocker? Then you're also blocking my earnings from advertisements.... Securing Your Linux Server by Jon Buys - Jun. 10, 2013Comments (3) Mark Kedgley has a succinct overview of recommended steps to take to harden a linux server over at Ezine Articles. The article is not all inclusive, but it does contain a fairly good summary. untitled After two years of hard work Subgraph OS is finally available for alpha download! Please note that this software is still in alpha and much testing and bug fixing still has to be done. We strongly encourage you to read the caveats/troubleshooting before you start. System Requirements Anything that can comfortably run GNOME 3:

Upgrading Ubuntu via Command Line — LAWR IT Purpose If you are running the server version of Ubuntu or choose to not use the GUI, you can upgrade Ubuntu to a newly released version through the command line apt-get utility. Prerequisities Check that there is a new release available. Make sure your current version isn't too old to upgrade through packages. Encryption Works: How to Protect Your Privacy in the Age of NSA Surveillance Warning: This guide has not updated in over a year. Freedom of the Press Foundation is working on an updated version. If you're interested in contributing, or have ideas for what this guide should cover, please submit issues on GitHub Download: [en] PDF, LibreOffice ODT • [pt] PDF, LibreOffice ODT How to Setup and Configure an OpenVPN Server on CentOS 6 Introduction This article will guide you through the setup and configuration of OpenVPN server on your CentOS 6 cloud server. We will also cover how to configure your Windows, OS X, or Linux client to connect to your newly installed OpenVPN server. Before we begin, you'll need to have the Extra Packages for Enterprise Linux (EPEL) Repository enabled on your cloud server. This is a third party repository offered by the Fedora Project which will provide the OpenVPN package. wget rpm -Uvh epel-release-6-8.noarch.rpm

Ubuntu Remote Desktop: Built-In, VNC Compatible & Dead Easy Using Ubuntu Remote Desktop you can have total control over your desktop from any other computer: Linux, Mac or Windows. You’ll see what’s on that screen and be able to move the mouse and even type. Best of all, the feature is built into the operating system by default, so you won’t have to install a thing. Let’s check it out! Turning Ubuntu Remote Desktop On Secure Contacts Updated 2/22/16 to add Ricochet and change a Jabber address This page explains how to reach me privately, using the best available security tools. Best available does not mean perfect, but surveillance of these channels is costly, difficult and far less likely than the usual alternatives. If you are a beginner, or if too many choices make your head hurt, I'm happy to choose for you. Clear your browser. Find another computer, away from home and work, perhaps at a library or cafe.

VNC Remote Desktop on Linux This article describes how to set up and use remote desktop sessions on Linux using VNC (Virtual Network Computing). VNC is a remote display system that enables you to start a desktop environment on one machine and access it from other computers through an Internet connection. You can set up persistent desktops which will be maintained while you disconnect, so you can continue working exactly where you left off when you re-connect. This is useful for example when you want to work on the same "desktop" from different locations, and it can be used to run a desktop environment on a server that you don't have physical access to or doesn't have a terminal attached (monitor and keyboard). All you need is a network connection.

Is email encryption, as claimed by ProtonMail, possible? Strictly speaking it is not possible, for the following reason: if the Web service encrypts the message, then the Web service gets to see the unencrypted message at some point (note: I write service, not server). At best, the service may be honest and do its best not to have a look at the messages at they flow. Now let's see the claims of that "ProtonMail" service: Swiss Based. Well, I see no reason to find this implausible. Switzerland is a real country and there are people who live there.