Archive for the 'Server Security' Category


What Are Shadow Passwords?

On a basic Linux system, passwords are stored in the /etc/passwd file. This is usually OK for a single-user system, but on a multi-user system, such as a server, the passwords should be hidden and encrypted. Shadow passwords allow you to do just that. On Red Hat Enterprise Linux and CentOS, the shadow-utils package [...]

Eradicate Malware with LMD

Worried about malware? No? You should be. Cyber criminals are always looking for new and creative ways to attack your server or use your dedicated server to attack others. There are plenty of prevention methods you can have in place, but you should also have a system for detecting malware that may have already made [...]

Protect Your Server with Fail2ban

Monitoring your server is a great way to prevent cyber attacks and stop those that might be in progress. Unfortunately, you cannot always be present to monitor your server. Unless you are an android, you likely still require sleep. For those times when you cannot be present, Fail2ban is an excellent friend to have.

How to Securely Download a File from Your Server

Downloading a file from your server should not be tricky. If it is a web-facing file, you can usually download it with your web browser. If it is not, you could use FTP. The problem with both of these options, FTP and HTTP, is that neither is truly secure. If you need to download a [...]

Linux Server Security Guide: Part 5

Malware and Spam
Of all the security problems a server might have, malware and spam are particularly despicable. Few things are worse than finding out you have a virus or other malware infecting your system.
Linux servers do not have to worry about nearly as many viruses as Windows servers do. Nevertheless, you should still [...]

Linux Server Security Guide: Part 3

Network Security
When it comes to network security, your firewall is one of your most important tools. It is generally a good idea to have multiple lines of defense, such as a router-level firewall and also a server-level firewall that is software-based. Usually, you can block most ports with your firewall, and only allow [...]

Linux Server Security Guide: Part 2

System Logs
Every Linux operating system keeps logs for system processes and applications. You can use those logs to monitor server performance and also sniff out any abnormalities that may be security related.
There are some common Linux logs that are more important than others, such as the kernel log, authentication log, web server [...]

Linux Server Security Guide: Part 1

Over the years at Dedicated Server School, we have provided you with numerous security tips, often on an individual and specific level. This five-part series will instead give a general overview of Linux server security to serve as a quick reference tool whenever you might need it. Rather than searching for the security topic you [...]

Run an End-of-Year Security Audit

As the end of the year approaches, now is a good time to make sure your server is living up to your security standards. It might be easy to neglect if you do not have any noticeable security problems, but the only way to truly know how your server is faring is to run a [...]

How to Require Regular Password Changes

A server is only as strong as its weakest user, and a weak user will have a weak password. One way you can at least make passwords a little more secure is to require users to routinely change them. To do so, use the login.defs file to set the number of days until users are [...]

Configure Linux to Restrict SuperUser to One Group

The last thing you would ever want or need on your dedicated server is for an unauthorized user to gain root access. This applies to both those external users with malicious intent and those who have limited privileges and may just play around with their newfound powers. Either way, it is bad news. One practical [...]

Sentry Tools: Host-Level Security for Linux/Unix Servers

Linux dedicated server security does not have to be overly complex. With the right tools, you can accomplish your security goals with efficiency. One such project, Sentry Tools, offers host-level security services for Linux and other Unix-like operating systems.
Sentry Tools includes: PortSentry, Logcheck/LogSentry, and HostSentry. PortSentry protects against portscans. LogSentry automates log file [...]

A Basic Guide to SSH Server Connections: Part 2

Connecting to an SSH server is usually pretty straightforward, and your login credentials are encrypted for security. This makes SSH useful for other types of connections beyond basic shell access. Backup/syncing tools like rsync can use it, and file transfer programs like SCP or SFTP can use SSH technology for secure file transfers.
In part one, [...]

How to Run Commands as Another User

In a previous post, we explained how to use “su” to execute a command as another user, but that is only one of the many ways you can accomplish this on a Linux or Unix server. The following techniques each have their own advantages and can help you run programs under different user identifications.

runuser – [...]

Should You Worry About Malware on Your Server?

Malware is in the news all the time. From high profile cyber attacks on government infrastructure, to viruses that affect millions of home computers, malware is everywhere. As a system administrator, should you be concerned about malware on your dedicated server or virtual private server (VPS)?
First, we should have a clear definition of what malware is. [...]

How to Disable a Firewall on RHEL/CentOS

It is generally not a good idea to disable the firewall on your dedicated server, but there are instances when it might be necessary. For example, if you need to run some network tests or perform some type of maintenance, you may need to have your firewall disabled. Most Linux distributions come with the standard [...]

Back to the Basics #8: Application Security

When covering application security, there are three basic application types you should consider:

Standard applications that you install directly on your server’s operating system and run only when you need them
Applications that are run as daemons or services, starting at boot time and continuing to run as long as the server is on
Web applications [...]

Back to the Basics #7: OS Security

The security of your operating system can be very complex. It is a large collection of software that has direct access to your hardware. Therefore, it is crucial to maintain an ongoing security policy for protecting your server’s OS.
The following items should be at the top of your server OS security list:

Kernel updates – The [...]

Back to the Basics #6: Network Security

In order for a network to be secure, you need to have some type of firewall in place. Firewalls typically protect your server from a wide variety of network attacks, all of which focus on weaknesses or holes in your network. For example, a cyber-criminal may scan your server for an open, unused port and [...]

Is Your Server a Tool for Cyber-Criminals?

Protecting your dedicated server from cyber-attacks is always a critical part of system security. You have, after all, invested time and money into protecting your websites and the websites of any clients you might have. Nevertheless, you should not assume that everything is fine with your server simply because it appears to be functioning. It [...]

5 New Year Security Checks You Should Not Delay

As you welcome in the new year, now is a great time to run some basic security checks on your server to make sure it is running in top shape and continues to be a safe haven for your websites. The following five security checks are ones that you should not delay until later in [...]

Server End of Year Tasks 2: Scan for Vulnerabilities

As the end of the year approaches, you have probably fallen behind on some of your routine security checks. The holiday season is a busy time for hackers who try to exploit the increased online user activity, especially the activity of holiday shoppers. Sometimes security can cost you money, so it is a good idea [...]

How to Disable Direct Root Login

On a Linux server, root is the administrator of everything, the king of the hill. Root can do whatever he wants, whenever he wants. With full access and full privileges, root is the most powerful user on the server. While it may be convenient to log in to your server as root and get to work, [...]

Why Frequent Vulnerability Scans Are So Important

Some server system administrators, especially those with little experience, may operate under the mistaken belief that they will find security through obscurity. In their minds, as long as their server is small and not hosting major big-name websites, those with malicious intent will leave them alone.
What these idealists fail to realize is that attackers do [...]

Should Shared Hosting Customers Have SSH Access?

Over at The Hosting News, we asked the question, “Do you need SSH with shared hosting?” This is a common question among shared hosting users, particularly those who are more adept at technology. Here at Server School, we focus on dedicated servers, so the question for you is different. Should shared hosting customers have [...]

How to Deal with Unauthorized Users

One day, while monitoring your server, you notice a user you do not recognize logged in through SSH or another method. What should you do in this situation?
First of all, do not panic. It may seem horrible, but it is probably not as bad as you think. The fact that you still have control and a [...]

3 Lessons I Learned About Security

In my years as a system administrator, I learned that security is much more complex than most people realize. You cannot get away with doing just one thing. One security measure will not save your dedicated server or VPS. Your security must be comprehensive and constantly adapting to defend against intruders. The following are three [...]

Should You Offer SSH Access?

With a Linux or Unix dedicated server, you will probably access it via SSH on a regular basis. It is an essential feature for server system administrators. For other users, however, it is usually not essential and may even be a security risk. Do your hosting customers or company employees need access? A lot of [...]

How Useful Is IP Address Information for Security?

When bad guys start attacking your server, one of the first things you might try to stop it is to block their IP addresses. In some instances, this works perfectly and will remove your problem quite thoroughly; however, it is not always effective. Therefore, it is important to know when it is useful to block [...]

Is My Dedicated Server Anonymous?

You have likely heard the expression “security through obscurity”, and you may have even considered adopting it as a policy at one point or another. It is convenient to believe that an “obscure” server is secure because no one knows about it, but this is not a very realistic theory.
As a rule, any device attached [...]