Securing your virtual server is step one. AS quickly as possible after it is up, you will need to secure your server.
1. Firewall.
Many are available but we prefer and us iptables on Ubuntu. The Webmin server inteface can easily install, setup and control the frewall. Webmin is optional for all servers. By default you get a bare system install. Same as if you installed the basic server from an ISO of the operating system. So step 1, get a firewall going.
2. Brute force password guessing.
With the SSH port 22 open its unavoidable you will get constant login attemps. Mainly on prot 22. Two options for banning users after X failed attmeps are Fail2ban and OSSEC. Both are log file watchers that will ban abusive users. OSSEC goes one step further and watches your file system for changes. OSSEC has to be downlaoded and installed from OSSEC. Download, run the installer, answer the quesitons and you have a basic version running. You will need to add ALL your log files to monitored.. Be sure read up on the proper install for your type of server. On Ubuntu, fail2ban can be installed on the command line "sudo apt-get isntall fail2ban". By default it blocks attemps on SSH. It can be configured to block more. Its up to you to implement proper security on your machine.
- 0 Els usuaris han Trobat Això Útil