|
A Safe Linux Server
The mantra that most system users and administrators will use
when it comes to security, is that there is no hack proof computer.
It's a universally accepted idea, all we can do is try our best
to keep our web servers only running the processes that we intend.
In this section of my site, I will try to keep a list of things
that I do on my Linux server to keep it secure.
Know Your Server
This is something even I cringe at, but it's true. If you're familiar with
the processes and file system on your server, you're better equipped to
prevent and detect break-ins.
Linux Tools
Linux computers come with a series of programs like wget, lynx, links, rpc, and scp,
that allow you download and move files between computers.
For an extra measure of security you can make sure that only root can access these
files by doing a chmod 750 on them. You will usually find these programs in the
/bin or the /usr/bin/ folders.
|
|
|
|
netstat -npl
I find this to be a very reassuring program. It gives you a list of
processes that are listening or writing to a sofware port. Programs
installed by hackers and crackers will usually use unusual port numbers.
|
What you may want o do is make a list of processes and the ports
used by these, and then write a script that emails you when a connection
not found in your list is found. If you don't have the time you may download
pmon from
R-fx Networks.
|
