Basic Server Hardening

From packets2photons
Jump to navigation Jump to search

UFW

These are my default firewall rules on any Linux box that I setup. Obviously, I allow more if I am running a webserver, VPN et cetera

sudo ufw default deny
sudo ufw limit SSH
sudo ufw enable

I always check the status with:

sudo ufw status

Fail2Ban

Fail2ban is effective at reducing repeated access attempts from internet scripts. Before installing

apt-get install fail2ban

Or in Arch

pacman -S fail2ban

The service should start immediately. Test it out by repeatedly sshing with an incorrect username admin and password. Monitor the fail2ban logs:

tail -n 30 /var/log/fail2ban.log

How long are you banned for? How long until you can ssh with the correct username and password?