Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Practical Linux Security Cookbook

You're reading from   Practical Linux Security Cookbook Secure your Linux machines and keep them secured with the help of exciting recipes

Arrow left icon
Product type Paperback
Published in Apr 2016
Publisher Packt
ISBN-13 9781785286421
Length 276 pages
Edition 1st Edition
Tools
Arrow right icon
Authors (2):
Arrow left icon
Michael A Lindner Michael A Lindner
Author Profile Icon Michael A Lindner
Michael A Lindner
Tajinder Kalsi Tajinder Kalsi
Author Profile Icon Tajinder Kalsi
Tajinder Kalsi
Arrow right icon
View More author details
Toc

Table of Contents (12) Chapters Close

Preface 1. Linux Security Problems 2. Configuring a Secure and Optimized Kernel FREE CHAPTER 3. Local Filesystem Security 4. Local Authentication in Linux 5. Remote Authentication 6. Network Security 7. Security Tools 8. Linux Security Distros 9. Patching a Bash Vulnerability 10. Security Monitoring and Logging Index

Configuring server security

A major reason for malicious attacks on Linux servers has been poorly implemented security or existing vulnerabilities. When configuring a server, security policies need to be implemented properly, and ownership needs to be taken in order to properly customize the server.

How to do it…

General Policy:

  • The administration of all the internal servers in an organization is the responsibility of a dedicated team, which should also keep a look out for any kind of compliance. If any compliance takes place, the team should accordingly implement or review the security policy.
  • When configuring internal servers, they must be registered in such a way that the servers can be identified on the basis of the following information:
    • Location of the server
    • The operating system version and its hardware configuration
    • Services and applications that are being run
  • Any kind of information in the organization's management system must always be kept up to date.

Configuration Policy:

  • The operating system on the server should be configured in accordance with the guidelines approved for InfoSec.
  • Any service or application not being used should be disabled wherever possible.
  • All access to the services and applications on the server should be monitored and logged. They should also be protected through access-control methods. An example of this will be covered in Chapter 3, Local Filesystem Security.
  • The system should be kept updated, and any recent security patches, if available, should be installed as soon as possible.
  • Avoid using a root account to the maximum extent. It's preferable to use security principles that require the least amount of access to perform a function.
  • Any kind of privileged access must be performed over secure channel connection (SSH) wherever possible.
  • The server should be accessed in a controlled environment.

Monitoring Policy:

  • All security-related actions on server systems must be logged, and audit reports should be saved as follows:
    • For a period of 1 month, all security-related logs should be kept online
    • For a period of 1 month, daily backups as well as weekly backups should be retained
    • For minimum of 2 years, full monthly backups should be retained
  • Any event related to security being compromised should be reported to the InfoSec team. They shall then review the logs and report the incident to the IT department.
  • A few examples of security-related events are as follows:
    • Port scanning-related attacks
    • Access to privileged accounts without authorization
    • Unusual occurrences due to a particular application being present on the host

How it works…

Following the preceding policy helps in the base configuration of the internal server that is owned or operated by the organization. Implementing the policy effectively will minimize any unauthorized access to sensitive and proprietary information.

There's more…

There are some more things to discover when we talk about security in Linux.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image