What ever you are on Ubuntu Server, Debian or CentOS these security tips will help your enterprise.
  1. Install and configure Firewall – ufw
  2. Secure shared memory – fstab
  3. SSH – Key based login, disable root login and change port
  4. Apache SSL – Disable SSL v3 support
  5. Protect su by limiting access only to admin group
  6. Harden network with sysctl settings
  7. Disable Open DNS Recursion and Remove Version Info – Bind9 DNS
  8. Prevent IP Spoofing
  9. Harden PHP for security
  10. Restrict Apache Information Leakage
  11. Install and configure Apache application firewall – ModSecurity
  12. Protect from DDOS (Denial of Service) attacks with ModEvasive
  13. Scan logs and ban suspicious hosts – DenyHosts and Fail2Ban
  14. Intrusion Detection – PSAD
  15. Check for RootKits – RKHunter and CHKRootKit
  16. Scan open Ports – Nmap
  17. Analyse system LOG files – LogWatch
  18. Apparmor – Application Armor
  19. Audit your system security – Tiger and Tripwire
Tagged with: