As a Linux admin, staying up-to-date on vulnerabilities like this one is crucial to keeping your critical systems and confidential data secure. To help you understand and protect against this kernel bug, we’ll explore its implications for security practitioners and the long-term consequences it may bring. We’ll also explain how to secure your systems against this dangerous kernel flaw.
- An offsite backup of your server can help you quickly recover any machines lost to intrusion or attack.
- Since software bugs are one of the main barriers to security, having fewer packages means the vulnerability surface gets smaller.
- Prepare yourself mentally because this is going to be a long list.
Cron has its own built-in feature that lets you specify who may and who may not run jobs. This is controlled by the use of files called /etc/cron.allow and /etc/cron.deny. To block a user from using cron, simply add the user name to cron.deny; to allow a user to run cron, add the user name to the cron.allow file. If you would like to disable all users from using cron, add the ‘ALL‘ line to the cron.deny file. It’s also recommended to change the default SSH port number, 22, to some other higher port number. Open the main SSH configuration file and set the following parameters to restrict user access.
Bonus: Cipi Control Panel
When ICMP is enabled, malicious attacks including network discovery, covert communication channels, and network traffic redirections can be executed. Below are a few examples of types of attacks that can be unleashed when ICMP is enabled. Internet Control Message Protocol (ICMP) allows internet hosts to notify other hosts about errors and helps system administrators in troubleshooting.
The Linux filesystem divides everything into several parts based on their use case. You can separate the critical portions of the filesystem into different partitions of your disk storage. For example, the following filesystems should be split into different partitions. Linux offers excellent built-in protections against unwanted network requests in the form of iptables. It is an interface to the Netfilter mechanism provided by the Linux kernel.
Monitor Suspicious Log Messages With Logwatch / Logcheck
Enter the password you want to set and it will generate an encrypted hash using your password. Now, you’ll need to put this hash into your grub configuration menu. You can also grant sudo privileges to existing users by using the below command. Admins need to make sure that no user on the system has empty passphrases. Encrypting your disk storage can prove highly beneficial in the long term. It will prevent data leaks in case of theft or any third-party intrusion.
This command will open the quota settings of in an editor where you can assign the quota limits. You can set both soft and hard limits for the disk quota size as well as the number of inodes. Investigate these files properly and see if these permissions are mandatory or not. SUID and SGID are special types of file permission in the Linux file system. Having the SUID permission allows other users to run executable files as if they were the owner of those files.
Linux Mint Security Hardening
In the above example we created the id_rsa private key file and the corresponding id_rsa.pub public key file. Create the key pair with the ssh-keygen command. The -t option specifies the type of key to create; here we are using rsa version 2. If a login is successful before the limit has been reached, the failure count will reset to 0. For more details, see the pam_tally2 manual page by typing ‘man pam_tally2’.