Server hardening is the process of securing a server. It matters because servers are attacked constantly, and the firewall and other defaults that ship with the OS are not enough: the defaults are tuned for convenience, not for security, so you have to configure them yourself. These are the steps you can take to secure your server.
1. Configure the BIOS/UEFI to disable booting from external devices (USB, CD/DVD, network). Otherwise anyone with physical access can boot a live system and read or modify the disks.
2. Protect the BIOS, the GRUB boot loader and the login with strong passwords. Do not use easy passwords (admin, admin123, secret123, etc.); combine letters, digits and symbols, and make them long. This protects you from dictionary and brute-force attacks. The GRUB password matters because without it anyone at the console can edit the boot entry and boot straight into a root shell.
3. Use separate partitions: keep system files, third-party package installations and private data on separate partitions. This limits the damage when something goes wrong: a runaway log or upload cannot fill the root filesystem, and if one partition is corrupted the data on the others survives. Separate partitions also let you mount them with restrictive options such as noexec, nosuid and nodev where executables do not belong.
4. Check which network ports are listening with
netstat -tulpn
or
lsof -i -n -P
(on current systems ss accepts the same -tulpn options as netstat) and close every port that is not necessary, either by stopping the service or by blocking it in the firewall.
5. Minimize your services and packages. On a SysV-init system, list the services enabled in runlevel 3 with
sysv-rc-conf --list | grep '3:on'
and disable the ones you do not need with
sysv-rc-conf servicename off
(on systemd systems the equivalents are systemctl list-unit-files --state=enabled and systemctl disable). Then use your distribution's package manager (apt-get on Debian/Ubuntu, yum on RHEL/CentOS) to list the installed packages and remove the ones you do not need.
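Steps 4 and 5 are easier to repeat if the port check is a script rather than something you eyeball. The following is an added example, not code from the original post: it parses ss -tulpn style output, compares the listening ports with an allowlist, and flags the ones that are reachable from the network. The sample output, the allowlist (22, 80, 68) and the host are constructed for the example.

```shell
#!/bin/sh
# Added example: audit listening sockets against an allowlist of expected ports.
# The parser assumes the column layout of `ss -tulpn` (the replacement for
# `netstat -tulpn`); feed it live output with audit_host.

# Constructed sample of `ss -tulpn` output (assumption: a small web host).
SAMPLE_SS='Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp   UNCONN 0      0          0.0.0.0:68      0.0.0.0:*    users:(("dhclient",pid=612,fd=6))
tcp   LISTEN 0      128        0.0.0.0:22      0.0.0.0:*    users:(("sshd",pid=801,fd=3))
tcp   LISTEN 0      511        0.0.0.0:80      0.0.0.0:*    users:(("nginx",pid=955,fd=6))
tcp   LISTEN 0      80       127.0.0.1:3306    0.0.0.0:*    users:(("mysqld",pid=1020,fd=20))
tcp   LISTEN 0      128        0.0.0.0:11211   0.0.0.0:*    users:(("memcached",pid=1102,fd=26))
tcp   LISTEN 0      128           [::]:22         [::]:*    users:(("sshd",pid=801,fd=4))'

# Ports this host is expected to expose (assumption: SSH, HTTP, DHCP client).
ALLOWED_PORTS="${ALLOWED_PORTS:-22 80 68}"

# listening_sockets: read ss -tulpn output on stdin and print one line per
# listening socket as "proto port bind-address process".
listening_sockets() {
  awk 'NR > 1 && ($2 == "LISTEN" || $2 == "UNCONN") {
         n = split($5, a, ":"); port = a[n]
         addr = substr($5, 1, length($5) - length(port) - 1)
         proc = "?"
         if (match($0, /\("[^"]+"/)) proc = substr($0, RSTART + 2, RLENGTH - 3)
         print $1, port, addr, proc
       }'
}

# unexpected_ports: sockets whose port is not in ALLOWED_PORTS, one line per
# port (IPv4 and IPv6 sockets of the same service collapse), with a verdict:
# EXPOSED when bound to a non-loopback address, loopback-only otherwise.
unexpected_ports() {
  listening_sockets | awk -v allowed="$ALLOWED_PORTS" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    ($2 in ok) || seen[$2]++ { next }
    { verdict = ($3 ~ /^(127\.|\[::1\])/) ? "loopback-only" : "EXPOSED"
      print $1, $2, $3, $4, verdict }'
}

# audit_host: run the check against the live system (ss needs root to show PIDs).
audit_host() { ss -tulpn | unexpected_ports; }

# Demonstration on the constructed sample: mysqld is loopback-only, memcached is EXPOSED.
printf '%s\n' "$SAMPLE_SS" | unexpected_ports
```

On the sample the script reports two unexpected ports: MySQL on 3306, which is bound to 127.0.0.1 and therefore only a local concern, and memcached on 11211 bound to 0.0.0.0, which is the finding to act on first (stop the service, bind it to loopback, or block it in the firewall).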
6. Use iptables to filter packets. You can put the rules in "/etc/rc.local" and start them with
/etc/init.d/rc.local start
Make sure you type them before the final "exit 0", or they will never run. Order matters: allow loopback, established connections and SSH before you set the INPUT policy to DROP, or you will lock yourself out of a remote server. Rules entered by hand are lost on reboot, so save them with iptables-save and restore them at boot with iptables-restore (or a package such as iptables-persistent).
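The rule set below is an added example, not code from the original post. It generates a minimal IPv4 host firewall in the order that does not cut your own SSH session, refuses to apply a rule set in which the DROP policy would come before the SSH accept, and inserts the restore command into rc.local before "exit 0" as the post describes. SSH on port 22, web ports 80/443, the rules file /etc/iptables.rules and a Debian-style rc.local are assumptions of the example.

```shell
#!/bin/sh
# Added example: a minimal IPv4 host firewall written in a lock-out-safe order,
# plus the rc.local plumbing. Assumptions: SSH on 22, web on 80/443, rules
# saved to /etc/iptables.rules, /etc/rc.local ends with "exit 0".
SSH_PORT="${SSH_PORT:-22}"
SERVICE_PORTS="${SERVICE_PORTS:-80 443}"
RULES_FILE="${RULES_FILE:-/etc/iptables.rules}"

# emit_rules: print the iptables commands, one per line, in a safe order.
# Printing instead of executing lets you review the rule set before applying it.
emit_rules() {
  # 1. Reset to an open policy before flushing, so the flush itself cannot
  #    cut an existing SSH session.
  echo "iptables -P INPUT ACCEPT"
  echo "iptables -F INPUT"
  # 2. Loopback and replies to connections the host already has.
  echo "iptables -A INPUT -i lo -j ACCEPT"
  echo "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
  echo "iptables -A INPUT -m conntrack --ctstate INVALID -j DROP"
  # 3. SSH, with the 'recent' match dropping a source that opens more than
  #    four new connections per minute (slows down password guessing).
  echo "iptables -A INPUT -p tcp --dport $SSH_PORT -m conntrack --ctstate NEW -m recent --set --name SSH"
  echo "iptables -A INPUT -p tcp --dport $SSH_PORT -m conntrack --ctstate NEW -m recent --update --seconds 60 --hitcount 5 --name SSH -j DROP"
  echo "iptables -A INPUT -p tcp --dport $SSH_PORT -j ACCEPT"
  # 4. Public services.
  for p in $SERVICE_PORTS; do
    echo "iptables -A INPUT -p tcp --dport $p -j ACCEPT"
  done
  # 5. Only now close the door.
  echo "iptables -P INPUT DROP"
  echo "iptables -P FORWARD DROP"
}

# ssh_before_drop: succeed only if an ACCEPT for SSH precedes the DROP policy.
ssh_before_drop() {
  emit_rules | awk -v port="$SSH_PORT" '
    /-P INPUT DROP/ { drop = 1 }
    $0 ~ ("--dport " port " -j ACCEPT") && !drop { ssh = 1 }
    END { exit (ssh && drop) ? 0 : 1 }'
}

# add_before_exit FILE LINE: insert LINE before the final "exit 0" of FILE
# (append it if there is none), so it actually runs when rc.local executes.
add_before_exit() {
  awk -v line="$2" '
    /^[[:space:]]*exit[[:space:]]+0[[:space:]]*$/ && !done { print line; done = 1 }
    { print }
    END { if (!done) print line }' "$1" > "$1.tmp" && mv "$1.tmp" "$1"
}

# apply_rules: execute the rules (as root), save them, and make rc.local
# restore them at boot.
apply_rules() {
  ssh_before_drop || { echo "refusing: SSH would be blocked" >&2; return 1; }
  emit_rules | sh -e
  iptables-save > "$RULES_FILE"
  grep -q "iptables-restore < $RULES_FILE" /etc/rc.local ||
    add_before_exit /etc/rc.local "iptables-restore < $RULES_FILE"
}

# Review the generated rule set without touching the kernel:
emit_rules
```

Run emit_rules first and read the output; run apply_rules only from a console session or with a second SSH session open, so a mistake can be undone with iptables -P INPUT ACCEPT.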
7. Review the logs regularly. Which files exist depends on the distribution (Debian/Ubuntu uses auth.log and mail.log, RHEL/CentOS uses secure and maillog):
/var/log/messages – General system log, where most current activity ends up.
/var/log/auth.log – Authentication log (Debian/Ubuntu).
/var/log/secure – Authentication log (RHEL/CentOS).
/var/log/kern.log – Kernel log.
/var/log/cron.log – Crond log (cron jobs).
/var/log/maillog – Mail server log.
/var/log/boot.log – System boot log.
/var/log/mysqld.log – MySQL database server log.
/var/log/utmp and /var/log/wtmp – Login records; these are binary, read them with who and last.
/var/log/yum.log – Yum package log.
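Reviewing the authentication log is where most of the value is on an internet-facing server. The script below is an added example, not from the original post: it summarises failed SSH passwords per source address, lists the sources above a threshold, and flags the case worth an alert, a login that succeeds from an address that had already failed. The log lines are constructed in the Debian/Ubuntu auth.log format (sshd writes the same lines to /var/log/secure on RHEL); the host name web1 and the addresses are made up.

```shell
#!/bin/sh
# Added example: detect SSH password guessing in auth.log/secure.
# Sample lines are constructed; the host and addresses are invented.
SAMPLE_AUTH='Mar  3 10:01:12 web1 sshd[2210]: Failed password for invalid user admin from 203.0.113.45 port 51022 ssh2
Mar  3 10:01:15 web1 sshd[2210]: Failed password for invalid user admin from 203.0.113.45 port 51023 ssh2
Mar  3 10:01:19 web1 sshd[2214]: Failed password for root from 203.0.113.45 port 51030 ssh2
Mar  3 10:01:30 web1 sshd[2218]: Accepted publickey for deploy from 198.51.100.7 port 40122 ssh2
Mar  3 10:02:01 web1 sshd[2220]: Failed password for root from 203.0.113.45 port 51044 ssh2
Mar  3 10:02:40 web1 sshd[2230]: Failed password for deploy from 198.51.100.7 port 40130 ssh2
Mar  3 10:03:05 web1 sshd[2231]: Accepted password for deploy from 198.51.100.7 port 40131 ssh2
Mar  3 10:05:55 web1 sudo:   deploy : TTY=pts/0 ; PWD=/home/deploy ; USER=root ; COMMAND=/bin/bash'

# failed_by_source: "ip count users" per source address, most failures first.
# Handles both "Failed password for USER" and "... for invalid user USER".
failed_by_source() {
  awk '/sshd\[[0-9]+\]: Failed password for / {
         for (i = 1; i <= NF; i++) {
           if ($i == "for") user = ($(i+1) == "invalid") ? $(i+3) : $(i+1)
           if ($i == "from") ip = $(i+1)
         }
         fails[ip]++
         if (!seen[ip, user]++) users[ip] = users[ip] (users[ip] ? "," : "") user
       }
       END { for (ip in fails) print ip, fails[ip], users[ip] }' |
  sort -k2,2nr
}

# brute_force_sources N: addresses with at least N failed password attempts;
# candidates for a firewall block or a fail2ban-style jail.
brute_force_sources() {
  failed_by_source | awk -v n="$1" '$2 >= n { print $1 }'
}

# success_after_failures: "ip user failures-before-success" for every login
# that succeeded from an address that had already failed in the same log.
success_after_failures() {
  awk '/sshd\[[0-9]+\]: (Failed|Accepted) (password|publickey) for / {
         for (i = 1; i <= NF; i++) {
           if ($i == "for") user = ($(i+1) == "invalid") ? $(i+3) : $(i+1)
           if ($i == "from") ip = $(i+1)
         }
         if ($0 ~ /: Failed password/) fails[ip]++
         else if (fails[ip] > 0) print ip, user, fails[ip]
       }'
}

# On a live host: failed_by_source < /var/log/auth.log
printf '%s\n' "$SAMPLE_AUTH" | failed_by_source
```

On the sample, 203.0.113.45 accounts for four failures against admin and root and is the obvious block candidate, while 198.51.100.7 logged in as deploy after one failure; the second is less noisy but is the line a reviewer should look at, because it is what a successful guess looks like.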
8. Back up your important data, keep a copy off the server, and test that the backups actually restore.
9. Keep your system updated, applying security updates promptly, to minimize the known vulnerabilities on it.
10. Add further protection such as a honeypot (a decoy to detect intruders), PortSentry (port-scan detection) or CSF (a firewall front end). But remember not to pile up too many overlapping tools: several products managing the same iptables rules will conflict with each other and cost you performance.
11. Enable Security-Enhanced Linux (SELinux). SELinux is a mandatory access control mechanism built into the kernel. Check its state with
sestatus
If the current mode is permissive, switch to enforcing with
setenforce enforcing
(setenforce 1 is the same). That change lasts only until the next reboot: to make it permanent, set SELINUX=enforcing in /etc/selinux/config. If sestatus reports that SELinux is disabled, setenforce cannot turn it on; edit /etc/selinux/config, run touch /.autorelabel so the filesystem is relabelled, and reboot.
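The following is an added example, not code from the original post, that makes the SELinux step repeatable: it parses sestatus output, persists the mode in the config file, and prints the commands that are still required for the current state, because setenforce alone only works when SELinux is already enabled. A RHEL/CentOS-style /etc/selinux/config is assumed; SELINUX_CONFIG can point at a copy for testing.

```shell
#!/bin/sh
# Added example: bring SELinux to enforcing in a way that survives a reboot
# and that also covers the "disabled" case, where setenforce fails.
# Assumption: /etc/selinux/config in the SELINUX=<mode> format.
SELINUX_CONFIG="${SELINUX_CONFIG:-/etc/selinux/config}"

# runtime_mode: parse `sestatus` output on stdin into disabled|permissive|enforcing.
runtime_mode() {
  awk -F': *' '
    $1 == "SELinux status" && $2 == "disabled" { print "disabled"; exit }
    $1 == "Current mode" { print $2; exit }'
}

# config_mode FILE: the SELINUX= value that will apply at the next boot.
config_mode() { sed -n 's/^SELINUX=[[:space:]]*//p' "$1" | tail -n 1; }

# set_config_mode FILE MODE: rewrite the SELINUX= line (or add one).
set_config_mode() {
  awk -v mode="$2" '
    /^SELINUX=/ { print "SELINUX=" mode; done = 1; next }
    { print }
    END { if (!done) print "SELINUX=" mode }' "$1" > "$1.tmp" && mv "$1.tmp" "$1"
}

# plan_enforcing MODE: print the commands needed to reach enforcing from the
# given runtime mode. setenforce only toggles permissive <-> enforcing;
# from disabled the kernel needs a reboot, with a filesystem relabel.
plan_enforcing() {
  case "$1" in
    enforcing)  echo "# already enforcing" ;;
    permissive) echo "setenforce 1" ;;
    disabled)   echo "touch /.autorelabel"; echo "reboot" ;;
    *) echo "unknown SELinux mode: $1" >&2; return 1 ;;
  esac
}

# enforce_selinux: persist the setting, then print what is left to do now.
enforce_selinux() {
  set_config_mode "$SELINUX_CONFIG" enforcing
  mode=$(sestatus | runtime_mode)
  echo "config set to enforcing; runtime mode is $mode, remaining steps:"
  plan_enforcing "$mode"
}
```

After a reboot from the disabled state, run sestatus again and confirm both "Current mode" and "Mode from config file" read enforcing; services that break under enforcing mode should be fixed with the right booleans and contexts rather than by dropping back to permissive.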