1. Don’t Use FTP or Telnet
I only use SSH to interact with my remote machine. Your Linux distribution should come with SSH tools already installed, but in case it doesn’t, use OpenSSH.
2. Keep Kernel and Software Up to Date
If you use apt:
# apt-get update && apt-get upgrade
Apticron is a package that emails you when security updates are available.
# apt-get install apticron
3. User Accounts and Strong Password Policy
Use the useradd / usermod commands to create and maintain user accounts. The chage command changes the number of days between password changes and the date of the last password change. To get a user’s password expiration info:
# chage -l [username]
See man chage for more.
Show Login Failures
$ faillog
Lock and unlock accounts, respectively, with
# passwd -l [username]
# passwd -u [username]
Check No Accounts Have Empty Passwords
# awk -F: '($2 == "") {print}' /etc/shadow
Make Sure No Non-Root Accounts Have UID Set To 0
Accounts with UID 0 have full system privileges. Check that you only have one line (root:x:0:0:root:/root:/bin/bash) when you run this command:
# awk -F: '($3 == "0") {print}' /etc/passwd
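The account checks in this section can be combined into one repeatable audit. The script below is an added example, not part of the original checklist: the function names and the sample passwd/shadow data are constructed, and treating a maximum password age of 99999 (or an empty field) as "never expires" is an assumption based on the usual shadow defaults.

```shell
#!/bin/sh
# Added example; function names and sample data are constructed for illustration.

# Accounts whose shadow password field is empty (login without a password).
empty_password_accounts() {
    awk -F: '$2 == "" { print $1 }' "$1"
}

# Accounts other than root whose UID is 0.
extra_uid0_accounts() {
    awk -F: '$3 == "0" && $1 != "root" { print $1 }' "$1"
}

# Accounts with a usable password (not locked with ! or *) whose maximum
# password age, shadow field 5 as reported by chage -l, is unset or 99999.
no_expiry_accounts() {
    awk -F: '$2 != "" && $2 !~ /^[!*]/ && ($5 == "" || $5 == "99999") { print $1 }' "$1"
}

# usage: audit_accounts PASSWD_FILE SHADOW_FILE; returns 1 if anything is found
audit_accounts() {
    rc=0
    for u in $(empty_password_accounts "$2"); do echo "EMPTY PASSWORD: $u"; rc=1; done
    for u in $(extra_uid0_accounts "$1"); do echo "EXTRA UID 0: $u"; rc=1; done
    for u in $(no_expiry_accounts "$2"); do echo "NO PASSWORD EXPIRY: $u"; rc=1; done
    return "$rc"
}

# Constructed sample files so the script runs without touching /etc.
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT
cat > "$SAMPLE_DIR/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
toor:x:0:0:Second Root:/root:/bin/bash
guest:x:1001:1001:Guest:/home/guest:/bin/bash
EOF
cat > "$SAMPLE_DIR/shadow" <<'EOF'
root:$6$constructedsalt$constructedhash:19000:0:90:7:::
daemon:*:19000:0:99999:7:::
alice:$6$constructedsalt$constructedhash:19000:0:99999:7:::
toor:$6$constructedsalt$constructedhash:19000:0:90:7:::
guest::19000:0:99999:7:::
EOF
audit_accounts "$SAMPLE_DIR/passwd" "$SAMPLE_DIR/shadow" || echo "findings present"
```

To audit a real system, run `audit_accounts /etc/passwd /etc/shadow` as root, since /etc/shadow is not readable by ordinary users.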
4. Disable Root Login
Don’t log in as root. Use sudo.
5. Disable Unwanted Services
Find Listening Network Ports
Close any ports and associated network services you don’t need.
# nmap -sT -O localhost