Linux Server Hack
What, your Linux server was hacked again? I received a call from my friend, and he said his customer's Linux server was hacked by someone again yesterday.
After the phone conversation, I found that his Linux server was hacked because of a password brute force attack.
What is a brute force attack?
Brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example, exhaustively working through all possible keys in order to decrypt a message. In most schemes, the theoretical possibility of a brute force attack is recognised, but it is set up in such a way that it would be computationally infeasible to carry out. Accordingly, one definition of “breaking” a cryptographic scheme is to find a method faster than a brute force attack.
I would suggest securing and hardening Linux as below:
- Shell access given to system administrator only
- System administrator must have good knowledge in Networking, Security and proper training
- Enabling password aging
- Enforcing Stronger Passwords
- Locking User Accounts After Too Many Login Failures
- Avoid Easy-to-compromise User Accounts
- Using sudo
- Checking File Permissions and Ownership
- Removing Unnecessary Software Packages (RPMs)
- Using Firewall - iptables, shorewall
- Using ChkRootkit
- Backup your server
- Using DenyHosts
- Using Logwatch
- Securing SSH - no root login, change the default port number, do not allow empty passwords
- Using Bastille
- Using Tripwire
- Using Snort
- Using SELinux
- Using VPN
- Patch Linux System
- Keep your system up-to-date
- Regularly monitor the log files
- Detect Listening Network Port
- Secure your Application Services such as Samba, Sendmail, MySQL, etc.
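
Several items above (locking accounts after login failures, DenyHosts, Logwatch, regular log review) rest on the same check: counting failed SSH password logins per source address and noticing when one finally succeeds. The Python script below is an added example, not part of the original post and not DenyHosts' own code; the log lines are constructed, and the function name `analyze` and the threshold of 3 are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines in the usual OpenSSH syslog format (not from a real host).
SAMPLE_LOG = """\
Mar  3 02:11:01 web1 sshd[4101]: Failed password for root from 203.0.113.7 port 40112 ssh2
Mar  3 02:11:03 web1 sshd[4103]: Failed password for invalid user admin from 203.0.113.7 port 40120 ssh2
Mar  3 02:11:05 web1 sshd[4105]: Failed password for invalid user test from 203.0.113.7 port 40131 ssh2
Mar  3 02:11:09 web1 sshd[4109]: Failed password for root from 203.0.113.7 port 40150 ssh2
Mar  3 02:11:12 web1 sshd[4112]: Accepted password for root from 203.0.113.7 port 40166 ssh2
Mar  3 08:30:44 web1 sshd[5220]: Failed password for alice from 198.51.100.20 port 51514 ssh2
Mar  3 08:30:52 web1 sshd[5220]: Accepted password for alice from 198.51.100.20 port 51514 ssh2
"""

# The user group is greedy and the pattern is anchored at end of line, so text
# placed inside a username cannot stand in for the real source address.
EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>.*) from (?P<ip>\S+) port \d+(?: ssh2)?$"
)

def analyze(log_text, threshold=3):
    """Return (blocklist, compromised).
    blocklist: source IPs with at least `threshold` failed password logins.
    compromised: (ip, user) logins accepted after that source hit the threshold."""
    failures = defaultdict(int)
    compromised = []
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue  # not an sshd password event
        ip, user = m.group("ip"), m.group("user")
        if m.group("result") == "Failed":
            failures[ip] += 1
        elif failures[ip] >= threshold:
            compromised.append((ip, user))  # the guessing probably worked
    blocklist = sorted(ip for ip, n in failures.items() if n >= threshold)
    return blocklist, compromised

if __name__ == "__main__":
    blocklist, compromised = analyze(SAMPLE_LOG)
    for ip in blocklist:
        print(f"sshd: {ip}")  # hosts.deny-style entry
    for ip, user in compromised:
        print(f"ALERT: {user} logged in from {ip} after repeated failures")
```

On the sample, the address that guessed four times is listed and its later successful root login is raised as an alert, while the single mistyped password from the second address is ignored.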
