How to secure a Debian Server

Untitled Blog Post Name

I just want to show you some tools/methods for securing your Debian/Ubuntu-server.

Secure your SSH-login (please open /etc/ssh/sshd_config):

– forbid root-login

PermitRootLogin no

– only allow SSH-login with SSH-key (no password login)

PasswordAuthentication no

– change your SSH-port (for example Port 2020 instead of 22)

Port 2020

– if you have more than one IP-Adress which is accessible from everywhere, you should make your SSH-Daemon listen to only one IP-Adress

ListenAddress 1.2.3.4

(replace 1.2.3.4 with the IP-Adress you want your SSH-Daemon to listen to)

Install Updates regularly:

apt-get update && apt-get upgrade

Use fail2ban for prohibiting bruteforce-attacks:

– Simply install that tool via aptitude

Find rootkits with rkhunter: (rkhunter)

– You can install rkhunter via aptitude

If you did all these changes applying the SSH-settings and you installed fail2ban and rhunter you can say that your server is quite secure. Of course, this is no guarantee that your server won’t be hacked, but it makes it much harder.

Das könnte Dich auch interessieren …

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.

Time limit is exhausted. Please reload the CAPTCHA.