On 2017-06-27 07:37 PM, Truth Hacker via talk wrote:
I am starting to go down the road to harden a Linux server, I am using the Ubuntu server image as my starting point. [snip] Q: What service should I consider disabling from starting automatically.
Disable any service you won't need for what you are going to be doing with the machine. :)
I am reading up on iptable and also know about ufw, but not sure how to setup a good firewall, like what to block and not.
It depends on the extent to which you want to harden the machine. One way to set up a firewall is deny everything by default then open the holes for the services you need. firewalld is also a firewall related package I've been running across lately. Install logwatch and have it send the logs to you on a daily basis. Use fail2ban to automatically firewall any machine who fails too many times to login via SSH. You may also want to "chmod 711 /etc", FWIW. If you are really serious about hardening a machine read up on SELinux. -- Cheers! Kevin. http://www.ve3syb.ca/ |"Nerds make the shiny things that distract Owner of Elecraft K2 #2172 | the mouth-breathers, and that's why we're | powerful!" #include <disclaimer/favourite> | --Chris Hardwick