PDA

View Full Version : [ubuntu] Is there anything else I should do to secure my server?



Jekshadow
February 3rd, 2010, 06:36 AM
I am running UFW, which is set to deny everything but SSH on port 22, OpenVPN on port 1194 and HTTPS on port 443. SSH is set to only allow private key logins, and the root account is disabled. I have AppArmor running for all of my daemons (OpenVPN, Apache2, OpenSSH) and I have Fail2Ban running.

Is there anything else I can do to secure my server from the Internet (it is directly connected, there is no NAT between the Internet and my server).

JT9161
February 3rd, 2010, 06:48 AM
An IDS

Jekshadow
February 3rd, 2010, 06:50 AM
An IDS

Think Snort will work?
http://www.snort.org/

JT9161
February 3rd, 2010, 06:52 AM
Think Snort will work?
http://www.snort.org/

Well, it's and IDS

mgichoga
February 3rd, 2010, 06:56 AM
If you are running a web application it might be useful to look at mod_security (http://www.modsecurity.org/) It is an apache2 security module that protects against common sql injections, XSS attacks etc.They have a comprehensive howto on installing it with the basic signatures.

--
M Gichoga