0

I am trying to secure a Linux server but i even also want to know the types of vulnerabilities associated and the attacks that happen and how so that i can completely understand securing a server

jhonny blaze
  • 1
  • 3
    Really depends on what role this Linux server is playing on your network, what applications or services are running on it, whether it's internal or publicly-facing... basically you need to provide more details here. – gravyface Feb 07 '11 at 15:28
  • This is an incredibly over-broad question. The best answer I can give is to remove all cables and fill all ports with non-conductive epoxy. If you would like to narrow the scope of your question maybe someone can give better advice. – voretaq7 Feb 07 '11 at 15:42
  • ya i was thinking more of configurations for as of iptables and ssh configurations and some other services such as apache and logs – jhonny blaze Feb 07 '11 at 16:17
  • Explore the [security](http://serverfault.com/questions/tagged/security?sort=votes) tag on this site. Tons of great information. – Steven Monday Feb 08 '11 at 02:32

3 Answers3

2

There is no way to fully inform you how to "secure" a system in this format (this website). It's a huge topic, because it requires understanding how your server is to be used, who's using it, what applications are on it, etc...

You can get generic advice like only running essential services, closing ports that are unused or unneeded, auditing your applications, backup regularly, monitor logs (or offload logs to another server), watch for unusual activity, install file monitoring software, keep up to date, etc...but again how these things are implemented and how effective they are in your environment vary.

You need to fully understand security as a layered approach and asking how to secure "a linux server" implies that you are already missing the most important aspect...most security problems come from people. Your users, how it's to be used, your policies, etc. A very secure system is nearly unusable by the people it's intended to serve, and a fully open system is extremely convenient but also "pwned" within minutes. But at least the users are happy.

Subscribe to blogs, keep up to date with vulnerability checks, and if you can narrow down your question and provide more details in a separate question thread I'm sure we can help you a little better. We need more focus in order to offer assistance, really. The topic is too open.

Bart Silverstrim
  • 31,092
  • 9
  • 65
  • 87
1

Implementing Network Security in CentOS/RedHat Servers is a great introduction to Linux network security - it isn't a walkthrough - it explains things in depth, and well worth a read.

Despite the title, it doesn't just apply to CentOS/RedHat.

dunxd
  • 9,482
  • 21
  • 80
  • 117
1

How to secure a server in 5 easy steps:

  • Back your stuff up.

  • Don't install/run stuff you don't need.

  • Keep the stuff you do install updated.

  • Watch your stuff constantly to make sure nothing is happening to it.

  • If^H^HWhen something does happen to your stuff, fix it quickly.

LawrenceC
  • 1,192
  • 6
  • 14