Showing posts with label Fail2ban. Show all posts
Showing posts with label Fail2ban. Show all posts

HOWTO : Secure your Ubuntu Server in a passive way on Ubuntu 11.04

Root account access warning

Add the following to the top of the file /root/.bashrc and you will be informed by email when the root account is being accessed.

echo -e "Root Shell Access on `tty` \n `w`" | mail -s "Alert: Root Access" samiux@gmail.com

You are also required to add the captioned line at the sudoers' .bashrc file.

echo -e "Sudoer Shell Access on `tty` \n `w`" | mail -s "Alert: Sudoer Access" samiux@gmail.com

Hardening SSH

The official port of SSH is 22. You can change it to any port that between 1024 and 65535. You can do it at the router or firewall and you can do it at the configure file of SSH at /etc/ssh/sshd_config. You are recommended to disable the root account login via SSH even you are using Ubuntu.

Port 65535
PermitRootLogin no

sudo /etc/init.d/sshd restart

Block all failed attempts

You are also required to install Fail2Ban in order to block all several time failed attempts.

sudo apt-get update
sudo apt-get upgrade
sudo apt-get install fail2ban

Change the setting at /etc/fail2ban/jail.conf when necessary.

Restart the fail2ban after the changes.

sudo /etc/init.d/fail2ban restart

Finally, enable firewall and only allow necessary ports to be access.

That's all! See you.
No comments:
Label: , , ,

HOWTO : Secure your Ubuntu Server in a passive way

*** The original post is written on June 13, 2009 by me. I repost here for reference. The original post is at here. ***

Root account access warning

Add the following to the top of the file /root/.bashrc and you will be informed by email when the root account is being accessed.

echo -e "Root Shell Access on `tty` \n `w`" | mail -s "Alert: Root Access" samiux@gmail.com

You are also required to add the captioned line at the sudoers' .bashrc file.

echo -e "Sudoer Shell Access on `tty` \n `w`" | mail -s "Alert: Sudoer Access" samiux@gmail.com

Hardening SSH

The official port of SSH is 22. You can change it to any port that between 1024 and 65535. You can do it at the router or firewall and you can do it at the configure file of SSH at /etc/ssh/sshd_config. You are recommended to disable the root account login via SSH even you are using Ubuntu.

Port 65535
PermitRootLogin no

sudo /etc/init.d/sshd restart

Block all failed attempts

You are also required to install Fail2Ban in order to block all several time failed attempts.

sudo apt-get update
sudo apt-get upgrade
sudo apt-get install fail2ban

Change the setting at /etc/fail2ban/jail.conf when necessary.

Restart the fail2ban after the changes.

sudo /etc/init.d/fail2ban restart

Finally, enable firewall and only allow necessary ports to be access.

That's all! See you.
No comments:
Label: , , , ,

HOWTO : Fail2ban on Ubuntu 9.04 Server

Fail2ban cannot work properly with Ubuntu 9.04 Server as Ubuntu installed with Python 2.6. It is very easy to overcome this problem.

sudo apt-get update
sudo apt-get upgrade
sudo apt-get install python2.5

sudo nano /usr/bin/fail2ban-server

Change the first line from

#!/usr/bin/python
to

#!/usr/bin/python2.5

Set the /etc/fail2ban/jail.conf as usual.

sudo /etc/init.d/fail2ban restart

Make change to the related services to "True". By default, any unauthorized access will be blocked after 6 invalid attempts.

sudo nano /etc/fail2ban/jail.conf

After that, restart fail2ban.

sudo /etc/init.d/fail2ban restart

That's all. See you!
No comments:
Label: , ,
Subscribe to: Posts (Atom)