How can I harden /etc/sysctl.conf and disable ICMP broadcast requests?
Ping is the most basic method of determining whether a server is reachable over the internet. Ping works by sending ICMP echo request packets to the destination host and waiting for an ICMP echo response. It’s only used for troubleshooting and testing. When there isn’t a need for it, you must disable it. It’s also... Continue Reading
How to strengthen Ubuntu server password protection?
Keeping a server secure from assaults and data leaks requires implementing a robust password policy. Enforcing a minimum length and specifying password age are two best practises for password regulations. To complete these operations, I use the libpam-cracklib software. Install the libpam-cracklib package: sudo apt-get install libpam-cracklib To enforce password length: Go to the /etc/pam.d/common-password file and... Continue Reading
How to scan for malware in Ubuntu Servers?
Antivirus scanning software can protect viruses from infecting your computer. It’s a simple approach to maintain your server free of viruses if you use them. ClamAV, an open source antivirus programme, is my preferred utility. Install ClamAV: sudo apt-get install clamav Update virus signatures: sudo freshclam Scan all files for infected files and print them out, striking a... Continue Reading
How to enable Firewall/Iptables?
Iptables is a user-space utility application for configuring the IP packet filter rules of the Linux kernel firewall, which are implemented as separate Netfilter modules. The filters are structured in separate tables, each of which has a set of rules for how network traffic packets should be handled. Currently, separate kernel modules and programs are... Continue Reading
How to disable non essential services that are prone to exploitation?
Disabling unneeded services is a wise practice. As a result, fewer ports are available for exploitation in case of unwanted services running on the server. Install the systemd package: sudo apt-get install systemd See which services are running: systemctl list-units Recognize which services may expose your system to potential risks. Each service has its own... Continue Reading