How can I secure my Linux server?

At Prepaid-Hoster, the security of your server is our top priority. That’s why we have developed the Security Manager – a powerful tool that checks your Linux server for known vulnerabilities and provides advice on how to address these weaknesses. In this FAQ entry, you will learn about the security checks performed by the Security Manager and effective ways to secure your server.

Possible Vulnerabilities

At Vionity, we assess your Linux server for potential vulnerabilities. We focus on common weaknesses that even inexperienced users can address.

Name Issue Description
SSH Default Port Using the standard SSH port The standard SSH port (22) is widely used and therefore a popular target for attacks. Changing the port can enhance security.
FAIL2Ban not installed Lack of protection against brute-force attacks FAIL2Ban is a security program that blocks IP addresses after multiple failed login attempts. Without FAIL2Ban, the server is more susceptible to brute-force attacks.
No Root SSH Keys Authentication via password SSH keys are more secure than passwords. Without SSH keys, the server is more vulnerable to password theft and brute-force attacks.
SSH Root Password Auth enabled Allowing root login via password Direct root login via password is insecure. It is better to disable root logins or only allow them through SSH keys.
Failed Login attempts (high) Many failed login attempts Many failed login attempts can indicate brute-force attacks. This requires immediate attention and appropriate measures.
Java Root Process Running Java as root process Java processes running as root can pose a security risk as any vulnerability in Java can provide full access to the system.
TeamSpeak Root Process Running TeamSpeak as root process Running TeamSpeak processes as root can jeopardize the entire system in the event of software vulnerabilities.

Detailed Description of Security Issues

SSH Default Port

The SSH default port 22 is often the target of automated attacks. Changing this port to a less well-known number can reduce the attack surface of your server. This is a simple but effective measure to enhance security.

FAIL2Ban not installed

FAIL2Ban protects your server from brute-force attacks by blocking IP addresses after multiple failed login attempts. Without this safeguard, your server remains vulnerable to repeated attack attempts that could ultimately succeed.

No Root SSH Keys

Using SSH keys instead of passwords offers higher security. Passwords are more prone to being stolen or guessed through brute-force attacks, while SSH keys are more difficult to compromise. It is recommended to allow root access only through SSH keys.

SSH Root Password Auth enabled

Direct root logins via password should be disabled as they pose a significant security risk. It is safer to grant root access only to a regular user who can then obtain root privileges using sudo or su.

Failed Login attempts (high)

A high number of failed login attempts can indicate ongoing brute-force attacks. It is important to monitor these attempts and take appropriate measures such as blocking the attacker’s IP or implementing additional security mechanisms.

Java Root Process

Java applications should not be run as root processes as vulnerabilities in Java can lead to complete system compromise. It is safer to run Java applications with a non-privileged user.

TeamSpeak Root Process

Similar to Java, TeamSpeak should not be run as a root process. Security vulnerabilities in TeamSpeak could be exploited to compromise the entire system. It is better to run TeamSpeak with its own restricted user account.

General Advice

Regular Updates

Ensure that your system and all installed packages are regularly updated. Security updates address known vulnerabilities and enhance stability. Learn how to update your VServer on our FAQ page.

Set Up a Firewall

Use a firewall like ufw (Uncomplicated Firewall) or iptables to prevent unauthorized access. Enable only the necessary ports.

User Management

Create separate user accounts for different tasks and grant only the necessary permissions. Avoid working regularly as the root user.

Create Backups

Make regular backups of your data and configurations. Automate the backup process to prevent data loss.

Don’t Copy Commands You Don’t Understand

Look at a command before copying it into your console. A wrong rm -rf or a chmod in the wrong directory can jeopardize the security of your server and render it unusable.

Quick Solutions

Sources

If you need further information or specific guidance on implementing security measures, please let me know!

Leave a Reply

Your email address will not be published. Required fields are marked *