
How To Secure A Linux Server
An evolving how-to guide for securing a Linux server with detailed steps and explanations.
How To Secure A Linux Server Description
An evolving how-to guide for securing a Linux server that, hopefully, also teaches you a little about security and why it matters. Table of Contents: - Introduction - Guide Objective - Why Secure Your Server - Why Yet Another Guide - Other Guides - To Do / To Add - Guide Overview - About This Guide - My Use-Case - Editing Configuration Files - For The Lazy - Contributing - Before You Start - Identify Your Principles - Picking A Linux Distribution - Installing Linux Pre/Post Installation Requirements - Other Important Notes - Using Ansible Playbooks to secure your Linux Server - The SSH Server - Important Note Before You Make SSH Changes - SSH Public/Private Keys - Create SSH Group For AllowGroups - Secure /etc/ssh/sshd_config - Remove Short Diffie-Hellman Keys - 2FA/MFA for SSH - The Basics - Limit Who Can Use sudo - Limit Who Can Use su - Run applications in a sandbox with FireJail - NTP Client - Securing /proc - Force Accounts To Use Secure Passwords - Automatic Security Updates and Alerts - More Secure Random Entropy Pool (WIP) - Add Panic/Secondary/Fake password Login Security System - The Network Firewall With UFW (Uncomplicated Firewall) - iptables - Intrusion Detection And Prevention with PSAD - Application Intrusion Detection
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Stay Updated with Mandos Brief
Get the latest cybersecurity updates in your inbox
TRENDING CATEGORIES
POPULAR
Security platform that provides protection, monitoring and governance for enterprise generative AI applications and LLMs against various threats including prompt injection and data poisoning.
A threat intelligence aggregation service that consolidates and summarizes security updates from multiple sources to provide comprehensive cybersecurity situational awareness.
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.