6 Search results

For the term "harden debian".

How To Harden Debian Server

Its not enough to harden just Debain. Its necessary to harden the rest of Apache-MySQL-PHP as well. Harden MYSQL sudo mysql_secure_installation answer Yes to all questions (but no need to change password) Disabling SSH root login and settings sudo vi /etc/ssh/sshd_config change PermitRootLogin yes to PermitRootLogin no LoginGraceTime 120 to LoginGraceTime 30 add line AllowUsers username username username Consider disabling...

Setup a LAMP Server on Debian or Ubuntu

This setup is for Virtual Host server – not a dedicated server with a single domain SSH to your server ssh root@IP Update Debian/Ubuntu apt-get update && apt-get upgrade –show-upgraded -y Create User How To Create a User in Linux Setup SSH for Remote Access With GPG Keys – No Password How To Setup SSH for Remote Access IMPORANT –...

Harden Apache 2.2

sudo vi /etc/apache2/conf.d/security ServerTokens Prod ServerSignature Off sudo vi /etc/apache2/sites-available/default Directory /var/www/html> Options -Indexes /Directory> https://www.linuxquestions.org/questions/blog/rearden888-507430/howto-set-up-modsecurity-on-debian-7-35569/

Start Reverse Tunnel on boot using autossh for Debian 7

As usual, most of the how-to guides out there are too brief (I’m guilty) or apply to other distros: This works on Linux Debian 7 all-around, and this is a complete how to. It works. You just have to follow a very long thread. No A.D.D. here! We will create a Persistent Reverse SSH Tunnel between 2 machines using autossh....

Harden Debian 7 Server with PSAD

Install Port Scan Attack Detector on Debian 7 Server sudo apt-get install psad sudo vi /etc/psad/psad.conf change these lines EMAIL_ADDRESSES me@seleads.com; HOSTNAME my.seleads.com; HOME_NET NOT_USED; ALERTING_METHODS noemail; IPT_SYSLOG_FILE /var/log/syslog; EMAIL_LIMIT_STATUS_MSG N; ENABLE_AUTO_IDS Y; AUTO_IDS_DANGER_LEVEL 2; AUTO_BLOCK_TIMEOUT 2592000; ENABLE_AUTO_IDS_EMAILS N; Restart psad psad -R psad –sig-update psad -H sudo vi /etc/cron.hourly/save-bad-ips #!/bin/sh PATH=/usr/share:/usr/sbin:/usr/bin:/sbin:/bin /sbin/iptables-save -c > /tmp/iptables-save.txt #echo “SELECT lockdown_IP FROM...