Guidelines To Ensure Linux Server Security

By Author: Sunil Punjabi
Total Articles: 2565
Comment this article

There are some security measures that are essential to implement in order to avoid server security problems that can easily occur in anyone's system.

Difficult Passwords
Making easy passwords such as "friend" or "brother" makes your system less secure and your system can be easily hacked. It's preferable to choose passwords containing, alphabets, numerical, characters and some additional symbols. For example use password like "fr!3nd_65" to ensure server security and protection. Complicated password should be used because there are many ways anyone can get your encrypted password. As far as Linux system with a web server is concerned, the first thing that comes in anyone's mind are all those various CGI scripts that make you get an additional password file from the system that has been attacked. Always keep in mind that a simple password is easy to crack whereas a difficult password is harder to crack. Therefore, for your server security make a good password using symbols, alphabets and numbers.

Password Length
In addition to making a difficult password, the length of the password ...
... should be eight. Though, the minimum length required by your Linux system is five but for server security you should keep it eight. For this you are required to edit the login.defs file (configuration file for the login program) and also edit the line PASS_MIN_LEN 5 to PASS_MIN_LEN 8.

File transfer
Transferring files from and to the system can also lessen your server security. Therefore, it's important that you shut down the FTPd while transferring files to your system. Moreover, a securer way to keep your system protected is SCP. It makes use of SSH to transfer data and also make use of the similar authentication, providing similar server security.

BIOS Security
To further ensure server security, prefer setting password using BIOS security. BIOS security will allow you to block unwanted people who with the help of a special disk try to boot your system, hence protecting you from individuals who try to boot the server without a password prompt.

Disable your special or unwanted accounts
Unwanted accounts and default users can also cause hindrance in your server security. Therefore, deleting all such accounts like sync, news, operator, gopher, games and other will help you maintain your system security.

Enable your shadow password option/feature
server security also requires enabling shadow password option or feature. To do this, you are required to apply the "/usr/sbin/authconfig" function in your system. However, if you wish to change your current password and convert it to shadow password then apply the "pwconv, grpconv" functions or commands.

Make sure you disable console-equivalent access programs
Another way to ensure server security is that you prevent the use of console-equivalent access programs such as reboot, halt and shutdown for individuals that use your server daily.

Disable unused services
Disable all the services that are not used by you. This will not only ensure server security but will also keep you less worried about your system.

Above mentioned are few guidelines on Linux server security. If these instructions are followed properly your system will remain protected forever.

For all your requirements of 24x7 Server security services, Server Monitoring, server support, remote server management, for Windows and Linux servers - contact us now - http://www.24x7servermanagement.com/