bsdnerds logo

bsdnerds.org

Good practices for Linux Sys Admins

Linux server security is quite impressive, especially if you follow some additional security tips and tricks.

Experts say that this is one of the most secure systems you can use, while it can provide all sorts of security layers depending on your needs.

With several ways to better your security on a Linux system, read on to find out the best security practices every Linux admin must follow.

Modify the SSH port

The standard SSH port for a Linux system is 22, so naturally that is where everyone expects it to be.

To boost the security for a Linux server, it is best to modify it and move it to a new location.

In this way, it will be harder to identify or to inject a malware into your server.

Disable root logins

Another good practice for Linux administration is to turn off root logins.

Therefore, you should set up a new username, and use the special access command to execute root level commands.

sudo is efficient because it can allow any user you select to make use of the admin commands, without compromising the security of your server.

Deactivate unused network ports

Leaving unused network ports activate is similar to an invite sent to anyone that seeks for a vulnerable Linux system.

To boost your web host security, use the netstat command to view open network ports and disable those that are not needed.

In addition, you can always use iptables to deactivate open ports.

Keep the software updated

For the best Linux server security you should always keep the software updated.

Which package manager you use is the one included by your Linux distribution.

This could be YUM (Yellowdog Updater Modified), RPM (Red Hat Package Manager) or APT.

It’s important to update, for keeping your servers software components updated.

In addition, you can always select the automatic Linux Server security updates via cronjob.

This will install the newest updates as soon as they are available on the web.

Create a firewall

Another good security practice for Linux admins is to increase security with the help of a firewall.

A firewall needs to be in compliance with the web host security in place, and for Linux kernel you will have access to the built in NetFilter.

Match it with iptables, and you will have the best security feature for your server.

Use SELinux

The Security enhanced Linux is great for getting required access control mechanisms.

In combination with an anti-malware or an anti-virus, it can increase the security of your server, especially if it is the case with mails.

Anti-malware software is necessary inclusion for any Linux server security, as it will create an extra layer of protection, that will prevent unwelcomed intrusions.

Other measures

Besides these six good security practices for Linux servers, you can do this:

  • always use SFTP instead of FTP
  • undergo regular backups
  • disable anonymous FTP uploads
  • use a rootkit scanner
  • create a strong password policy that will prevent users from accessing their accounts after several failures to log in.

Linux is great because of all the security measures it gets to admins.