Tagged: Harden Debain

Harden Debian 7 Server with PSAD

Install Port Scan Attack Detector on Debian 7 Server sudo apt-get install psad sudo vi /etc/psad/psad.conf change these lines EMAIL_ADDRESSES me@seleads.com; HOSTNAME my.seleads.com; HOME_NET NOT_USED; ALERTING_METHODS noemail; IPT_SYSLOG_FILE /var/log/syslog; EMAIL_LIMIT_STATUS_MSG N; ENABLE_AUTO_IDS Y; AUTO_IDS_DANGER_LEVEL 2; AUTO_BLOCK_TIMEOUT 2592000; ENABLE_AUTO_IDS_EMAILS N; Restart psad psad -R psad –sig-update psad -H sudo vi /etc/cron.hourly/save-bad-ips #!/bin/sh PATH=/usr/share:/usr/sbin:/usr/bin:/sbin:/bin /sbin/iptables-save -c > /tmp/iptables-save.txt #echo “SELECT lockdown_IP FROM...

How To Harden Debian Server

Its not enough to harden just Debain. Its necessary to harden the rest of Apache-MySQL-PHP as well. Harden MYSQL sudo mysql_secure_installation answer Yes to all questions (but no need to change password) Disabling SSH root login and settings sudo vi /etc/ssh/sshd_config change PermitRootLogin yes to PermitRootLogin no LoginGraceTime 120 to LoginGraceTime 30 add line AllowUsers username username username Consider disabling...