Join the open source coding forum

Ubuntu modules to increase the server security

I do not want to be a victim of getting hacked. That's why I am searching for modules which make my server more secure. Can anybody tell me what needs to be done to make a dedicated server more secure? Are there any good modules available which increase the server security?

shah's picture

Take the following measures

Vote the answer: 
0
No votes yet

I really didn't understand what you meant by Ubuntu modules. Did you mean some tool to detect penetration? I am mentioning some measures to increase the security-

  1. Change the BIOS settings and restrict access to your system by protecting your GRUB. Take the ability to boot from external devices from bios configuration. Setting up password protected BIOS is even better.
  2. The root user created as the only and first user should be used only to configure the system. It is a better practice to disabled it via SSH which hardens gain access to the system. Enabled SSH can be hacked by attacking brute-force of SSH several times which may break the password. This situation can be tackled by creating a new user and give it permission to use sudo and perform prerogative operations.
  3. Use different partitions for different data for strict security. Different partitions will combine different data. If anything happens to any specific partition, only that data will be your concern. Installation of the third party on different file systems under /opt is a must.
  4. Use SSH key pair for login. This is much secure method than a password.
  5. Do not install unnecessary packages. It will increase vulnerabilities. Remove or disable unnecessary services.
  6. Use firewall like iptables. It is networking tool which oversees changes on the kernel level.
  7. Prevent data stealing by restricting using USB stick.

Hope, I didn't misunderstand and these will solve your security problem.

AndreasOS's picture

fail2ban

Vote the answer: 
0
No votes yet

Please check the tool fail2ban. There are lots of bots which try to find out passwords by running endless login attempts. This is also not good for the bandwidth and server stability. That's why I can recommend the tool fail2ban as it blocks IP's if too many login attempts were found.