This document is intended to provide basic and mid-level tips for securing your Linux system.
These tips are designed to apply to most Linux distributions however you may need to consult with help documentation for your particular distribution if some of the commands do not work for you.
- Use a strong password (mix numbers, capital letters, and symbols) with length of eight or more characters.
- Never log in as root and use sudo instead to execute commands with admin privileges when needed.
- Maintain software updates.
- On Red Hat systems: issue command:yum update
- On other Linux Systems:apt-get update, then apt-get upgrade Be sure to log off and lock the system when you leave it.
1. Disable Unnecessary Services
Sometimes viruses will install services which run on boot. Check what services are set to boot by the following command:
A service can be disabled by:
/sbin/chkconfig servicename off
A good GUI for firewalls on Linux: https://launchpad.net/ufw
3. Install Anti-virus
A good program is ClamAV.
4. Use SELinux
Find information on SELinux here.
5. Configure or Disable SSH
If you do not use SSH disable it:
/sbin/chkconfig sshd off
If SSH is required then edit the following config file:
Find #PermitRootLogin yes and change it to PermitRootLogin no.
6. Disable Telnet if you do not use it
As root, edit the file /etc/xinetd.d/telnet and change disable = no to disable = yes
Save the file and exit. Restart xinetd through /etc/init.d/xinetd restart