background preloader

Top 20 OpenSSH Server Best Security Practices

Top 20 OpenSSH Server Best Security Practices
OpenSSH is the implementation of the SSH protocol. OpenSSH is recommended for remote login, making backups, remote file transfer via scp or sftp, and much more. SSH is perfect to keep confidentiality and integrity for data exchanged between two networks and systems. Default Config Files and SSH Port /etc/ssh/sshd_config - OpenSSH server configuration file. SSH Session in Action #1: Disable OpenSSH Server Workstations and laptop can work without OpenSSH server. #2: Only Use SSH Protocol 2 SSH protocol version 1 (SSH-1) has man-in-the-middle attacks problems and security vulnerabilities. Protocol 2 #3: Limit Users' SSH Access By default all systems user can login via SSH using their password or public key. Only allow root, vivek and jerry user to use the system via SSH, add the following to sshd_config: AllowUsers root vivek jerry Alternatively, you can allow all users to login via SSH but deny only a few users, with the following line: DenyUsers saroj anjali foo #5: Disable .rhosts Files #!

20 Linux Server Hardening Security Tips Securing your Linux server is important to protect your data, intellectual property, and time, from the hands of crackers (hackers). The system administrator is responsible for security Linux box. In this first part of a Linux server security series, I will provide 20 hardening tips for default installation of Linux system. Linux Server Hardening Checklist and Tips The following instructions assume that you are using CentOS/RHEL or Ubuntu/Debian based Linux distribution. #1: Encrypt Data Communication All data transmitted over a network is open to monitoring. Use scp, ssh, rsync, or sftp for file transfer. #1.1: Avoid Using FTP, Telnet, And Rlogin / Rsh Services Under most network configurations, user names, passwords, FTP / telnet / rsh commands and transferred files can be captured by anyone on the same network using a packet sniffer. #2: Minimize Software to Minimize Vulnerability Do you really need all sort of web services installed? #3: One Network Service Per System or VM Instance

Welcome to Linux From Scratch! Find Out My Linux Distribution Name and Version byVivek GiteonOctober 25, 2007 last updated December 29, 2013 How do I find out what version of Linux distribution I'm using from the shell (bash) prompt? You can use any one of the following method to find out your Linux distribution and name: a] /etc/*-release file. b] lsb_release command. c] /proc/version file. Method #1: /etc/*-release file To find out what version of Linux (distro) you are running, enter the following command at the shell prompt: $ cat /etc/*-release Sample output from my RHEL v5.x server: Red Hat Enterprise Linux Server release 5 (Tikanga) Sample outputs from my Ubuntu Linux v7.10 server: DISTRIB_ID=Ubuntu DISTRIB_RELEASE=7.10 DISTRIB_CODENAME=gutsy DISTRIB_DESCRIPTION="Ubuntu 7.10" Method #2: lsb_release Command To Find Out Linux Distribution Name/Version The lsb_release command displays certain LSB (Linux Standard Base) and distribution-specific information. No LSB modules are available. How Do I Find Out My Kernel Version? Linux 2.6.32-5-amd64 x86_64 Where, Related media

Noticias de Seguridad Informática - Segu-Info: Manualde Gestión de Incidentes de Seguridad Informática El presente manual ha sido desarrollado en el marco de las actividades del Proyecto AMPARO, una iniciativa de LACNIC con el apoyo de IDRC de Canadá. Este proyecto se propone fortalecer la difusión, conocimiento y atención de la problemática de Seguridad Informática en los distintos países de América Latina y el Caribe fundamentalmente en el ámbito privado de las empresas y organizaciones sociales. El proceso de creación de este manual ha implicado un gran esfuerzo por parte de un equipo de expertos en el manejo de incidentes de seguridad, académicos de diversos países de la región, de alto reconocimiento nacional e internacional y personal de LACNIC, e IDRC, con los que nos ha tocado vivir esta primera fase del Proyecto. A todos ellos un inmenso agradecimiento, porque han hecho posible la creación del primer Manual de Gestión de Incidentes de Seguridad Informática, que será puesto a consideración de la comunidad técnica de América Latina y el Caribe. Contenido: Fuente: Proyecto AMPARO

Tips for Linux Explorers Logcheck -- Logfile Scanner incident report for 04/09/2010 : Apache Infrastructure Team apache.org incident report for 04/09/2010 Apache.org services recently suffered a direct, targeted attack against our infrastructure, specifically the server hosting our issue-tracking software. The Apache Software Foundation uses a donated instance of Atlassian JIRA as an issue tracker for our projects. Among other projects, the ASF Infrastructure Team uses it to track issues and requests. Password Security If you are a user of the Apache hosted JIRA, Bugzilla, or Confluence, a hashed copy of your password has been compromised. JIRA and Confluence both use a SHA-512 hash, but without a random salt. Bugzilla uses a SHA-256, including a random salt. In addition, if you logged into the Apache JIRA instance between April 6th and April 9th, you should consider the password as compromised, because the attackers changed the login form to log them. What Happened? On April 5th, the attackers via a compromised Slicehost server opened a new issue, INFRA-2591. What worked? What didn't work?

25 Best SSH Commands / Tricks OpenSSH is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. Users of telnet, rlogin, and ftp may not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks. The encryption that OpenSSH provides has been strong enough to earn the trust of Trend Micro and other providers of cloud computing.Additionally, OpenSSH provides secure tunneling capabilities and several authentication methods, and supports all SSH protocol versions. SSH is an awesome powerful tool, there are unlimited possibility when it comes to SSH, heres the top Voted SSH commands 1) Copy ssh keys to user@host to enable password-less ssh logins. ssh-copy-id user@host To generate the keys use the command ssh-keygen 2) Start a tunnel from some machine’s port 80 to your local post 2001 ssh -N -L2001:localhost:80 somemachine Have Fun

Securing your ssh server One of the most common questions that I see in my favorite IRC channel is: “How can I secure sshd on my server?” There’s no single right answer, but most systems administrators combine multiple techniques to provide as much security as possible with the least inconvenience to the end user. Here are my favorite techniques listed from most effective to least effective: SSH key pairs By disabling password-based authentication and requiring ssh key pairs, you reduce the chances of compromise via a brute force attack. If you’re new to using ssh keys, there are many great guides that can walk you through the process. Firewall Limiting the source IP addresses that can access your server on port 22 is simple and effective. The iptables rules would look something like this: Use a non-standard port I’m not a big fan of security through obscurity and it doesn’t work well for ssh. If you prefer this method, simply adjust the Port configuration parameter in your sshd_config file.

Related: