23 C
Texas

How to master Linux Server Securities

Today, in this article we will discuss how to master Linux server securities. Default securities are good in Linux but, require some extra care. Hackers can sniff your system easily if not taken care of properly. This is going to be a detailed topic I will try to cover it up in 02 to 03 writeups.

Key factors.

  • Open Ports.
  • Insecure or non-updated software.
  • Weak passwords policy.
  • Attacks on administrator accounts.
  • Lack of physical securities.

Open Ports.

Open ports can be attacked easily.

Ports scanning is the first thing that any Attacker would do before attacking your servers. They could get an idea of which service can be compromised based upon open ports. There are multiple methods to scan and identify open ports Nmap is one of them.

- Advertisement -
# apt install nmap
# yum install nmap

use nmap to scan open ports.

Insecure or non-updated software

Insecure or non-updated software can cause security issues.

If you are not updating the server regularly, attackers can gain access via using exploits. Misconfigures services can be harmful too. Always make sure to keep Operating System updated. Multiple tools are available to test vulnerabilities. OpenVAS is one of the famous tool that can be installed on the server to scan vulnurabitiels.

Install OpenVAS

#apt install openvas
#yum install openvas

Start Service.

# openvas-start && openvas-setup

Login to get reports.

Weak passwords policy

Loose password can harm server securities.

Using a tool like hydra attackers can gain access if your system is set up with weak passwords and have unwanted ports open. Always use complicated passwords and keeping them changing from time to time can reduce the chances of attacks. Let’s take a look at how hydra can be used to target servers with weak passwords. create a list of usernames and passwords with all possible combinations (userlist.txt & passwd.txt are created in my scenario).

# apt install hydra

Run command.

# hydra -L /root/userlist.txt -p /root/passwd.txt -u 127.0.0.1 ssh
Run hydra command to gain access.

Attacks on administrator accounts

Attacked on administrator accounts

Remember, if an attacker can gain access to an administrator account. An attacker can gain access to other servers as well. Even after having to have good securities, the hackers were able to gain access. Always make sure not to share passwords with unauthorized persons.

Lack of physical securities

Proving multi-factor authentications, providing physical locks can save servers from unwanted access. Do not provide any direct physical access like monitors or keyboards. Block all USB or other serial ports that can be attached directly to servers. No media file sharing has to be with critical operational servers.

Conclusion.

Today, we have learned how an attacker can gain easy access to servers & how to avoid it. Scanning ports with Nmap, system’s health check with OpenVAS are part of security assessment. In the next article, we will understand other aspects of security.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article