
Re: How to secure LINUX BOX from Hacking

Ivan Ferreira
Honored Contributor


>> What you suggested is correct, somebody is trying to hack my machine. I found the ssh log failures in /var/log/secure every few minutes, and 4 to 5 failed login attempts... are found.
>> Let me know what I can do about this problem.

Once I changed the default SSH port to another one, so basic attacks can be stopped.

You should also configure the following options in the sshd_config file:

PermitRootLogin no

And you can restrict who can login with SSH by configuring:
AllowUsers or AllowGroups

You can have an even more secure environment if you use only public keys and disable password authentication:

PasswordAuthentication no
Why do it the hard way, when you can do it the easy way?
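
A way to check a config file against the three settings recommended in the post above (an added example, not part of the original thread). The sample file content, the user name in it, and the function names are constructed for illustration; `Include` files are not followed.

```python
"""Audit sshd_config text for the settings recommended in the thread."""

# Constructed sample; a real file usually lives at /etc/ssh/sshd_config.
SAMPLE = """\
# constructed sample
Port 2222
permitrootlogin no
PasswordAuthentication yes
PasswordAuthentication no
Match User backup
    PasswordAuthentication yes
"""

def global_settings(text):
    """Return {keyword_lower: [args]} for the global section.

    sshd uses the first value it obtains for a keyword, keywords are
    case-insensitive, and lines after a Match line apply conditionally,
    so parsing of global settings stops there.
    """
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        key, args = parts[0].lower(), parts[1:]
        if key == "match":
            break
        settings.setdefault(key, args)  # first occurrence wins
    return settings

def audit(text):
    """Return a list of findings; an empty list means all checks passed."""
    s = global_settings(text)
    findings = []
    for key, want in (("permitrootlogin", "no"), ("passwordauthentication", "no")):
        got = s.get(key)
        if not got:
            findings.append(f"{key}: not set, sshd default applies")
        elif got[0].lower() != want:
            findings.append(f"{key}: is '{got[0]}', expected '{want}'")
    if not (s.get("allowusers") or s.get("allowgroups")):
        findings.append("no AllowUsers or AllowGroups restriction")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("FINDING:", finding)
```

The sample shows why order matters: the second `PasswordAuthentication no` line has no effect because the earlier `yes` is used. On a live host, `sshd -T` prints the effective configuration and is the authoritative check.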
palaniappan.sp
Regular Advisor


Hi Ivan,

Actually I had changed the port of ssh, implemented iptables, and cancelled the permission for root login.
But I didn't do the public key authentication. Thanks for reminding me of this...
Could you please explain the usage of the audit2allow command with an example?
I am collecting details regarding this in parallel...

Regds,
palani.
Everything is Possible and Anything is Feasible if u try
Ivan Ferreira
Honored Contributor


Please see this page:

http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/selinux-guide/selg-section-0120.html

Why do it the hard way, when you can do it the easy way?
Colin Topliss
Esteemed Contributor


If you want to look at blocking access from IP addresses that have attempted to access your servers without authorization, you could also look at portsentry and swatch.

Portsentry can be found at
http://sourceforge.net/projects/sentrytools/

Swatch can be found at
http://sourceforge.net/projects/swatch

I use swatch (which unfortunately requires you to create a config file for it for it to be of any use) to update my firewall to block IP addresses that attempt to SSH to my system with a username not in my username list. The trouble, of course, is that the firewall blocked list can become quite large... :-)

Colin.
Rick Garland
Honored Contributor


There is a book from O'Reilly called "Linux Security Cookbook". It has descriptions of the above posts with examples.