Monday, 8 January 2018

How to secure our Linux server

Introduction

As we all know, a virtual server needs more security than any physical commodity, because the loss incurred in a brute force attack is not easily detected and the damage might completely destroy your online business or any process that runs online. So it is best to adopt every security measure you can afford to fortify your web servers against brute force attacks.
Before you get started setting up your server, let’s discuss some fundamental security measures that you can deploy to make your server as secure as possible. We will discuss different ways of securing your server in detail, and how to configure them.

1. SSH Keys

The most basic and most important security measure is to set up SSH key-based access to your server. Manually chosen passwords are always vulnerable, and SSH keys protect your server from attacks far better than password protection does. SSH keys are very easy to set up and take just a few seconds to configure on the server.
When SSH keys are set up, two keys are generated: a public key and a private key. The private key must be kept secret by the user, while the public key can be shared if needed. Since SSH keys have far more bits than conventional passwords, it is practically impossible for current computer hardware to crack them, as trying the different combinations until a match is found would take too long. To learn how to set up an SSH key on your server,.
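Keys only help if password logins are actually switched off afterwards. The check below is an added example, not part of the original post: it reads an sshd_config file the way sshd does (first value wins) and reports whether logins are key-only. The function names and sample files are hypothetical.

```bash
#!/bin/sh
# Added example. Simplifications: Include directives and Match blocks are
# not evaluated; only the global section of the file is read.

# effective_value FILE KEYWORD DEFAULT
# sshd keeps the FIRST value it finds for a keyword, so a later
# "PasswordAuthentication no" does not override an earlier "yes".
effective_value() {
    awk -v key="$2" -v def="$3" '
        NF == 0 || $1 ~ /^#/        { next }
        tolower($1) == "match"      { exit }   # global section ends here
        tolower($1) == tolower(key) { print tolower($2); found = 1; exit }
        END { if (!found) print def }          # keyword absent: sshd default
    ' "$1"
}

# audit_sshd FILE -> returns 0 only if logins are key-only.
audit_sshd() {
    pw=$(effective_value "$1" PasswordAuthentication yes)
    pk=$(effective_value "$1" PubkeyAuthentication yes)
    rc=0
    if [ "$pw" != "no" ]; then
        echo "FAIL: PasswordAuthentication is effectively '$pw'"; rc=1
    fi
    if [ "$pk" != "yes" ]; then
        echo "FAIL: PubkeyAuthentication is effectively '$pk'"; rc=1
    fi
    if [ "$rc" -eq 0 ]; then echo "OK: key-only SSH logins"; fi
    return "$rc"
}

# Constructed sample configs (not taken from a real server).
tmpdir=$(mktemp -d)
trap 'rm -rf "$tmpdir"' EXIT
weak="$tmpdir/weak.conf"
hardened="$tmpdir/hardened.conf"
matchonly="$tmpdir/matchonly.conf"
printf '%s\n' '# edited by hand' 'PasswordAuthentication yes' \
    'passwordauthentication no' > "$weak"
printf '%s\n' 'PubkeyAuthentication yes' 'PasswordAuthentication no' > "$hardened"
printf '%s\n' 'Match User deploy' '    PasswordAuthentication no' > "$matchonly"

audit_sshd "$weak" || true        # FAIL: the earlier "yes" wins
audit_sshd "$hardened" || true    # OK
audit_sshd "$matchonly" || true   # FAIL: only set inside a Match block
```

On a live server, point `audit_sshd` at `/etc/ssh/sshd_config` and reload sshd only after confirming that a key login works in a second session.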

2. Firewall

In simple terms, a firewall is a network security system designed to prevent unauthorized access to and from a private network. It can be software or a hardware device, but either way a firewall controls the flow of traffic to and from the servers based on a set of rules. There are basically three types of firewall: packet filter firewalls, stateful firewalls and application layer firewalls. To understand how they differ from each other, we need to know how information is transmitted through a TCP network.
Information on a TCP network is sent in packets, each of which is assigned a header. A packet filter firewall inspects packets individually, without knowing their connection state. This means that packet filtering allows or denies a packet into or out of the network based on that packet alone. A stateful firewall, on the other hand, analyses packets based on the connection state and does not apply the firewall rules until related packets are collected. Application layer firewalls are the most secure type of firewall, as they inspect the data in the packets and not just the packet header. Stateful firewalls are mostly used for server protection, and the firewall rules can be applied using iptables, nftables, UFW and CSF. To learn how to edit firewall rules using iptables, check out this link.

3. VPN and Private networking

As the name suggests, a private network is a network environment that is accessible only to specific users within a local environment, such as a company’s internal network. A VPN, or Virtual Private Network, on the other hand, is a networking method for accessing remote servers as if they were part of the local private network. In other words, a VPN extends the private network across a public network such as the Internet. It enables the user to send and receive information from the server remotely, but within a private network.
In the context of server security, a VPN plays an important part by allowing access to specific ports only through a private network. This means that only users within the private network can manage the servers, while users on public networks are barred from unrestricted access.
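The stateful filtering from the firewall section and the private-network-only ports from this section combine into one ruleset. The generator below is an added example, not part of the original post: it prints rules in iptables-restore format, and the subnet, port numbers and function names are assumptions chosen for illustration.

```bash
#!/bin/sh
# Added example; the subnet and port numbers are assumptions for illustration.

# is_port VALUE -> 0 if VALUE is an integer in 1..65535
is_port() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# gen_ruleset PRIVATE_CIDR "MGMT_PORTS" "PUBLIC_PORTS"
# Prints an iptables-restore ruleset. On a bad port it prints no rules and
# returns 1. PRIVATE_CIDR is passed through unvalidated.
gen_ruleset() {
    cidr=$1 mgmt=$2 public=$3
    for p in $mgmt $public; do
        is_port "$p" || { echo "invalid port: $p" >&2; return 1; }
    done
    # Default-drop policy. Replies to connections already being tracked are
    # accepted once, up front, by the stateful (conntrack) rule.
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
EOF
    for p in $mgmt; do      # management ports: private/VPN sources only
        echo "-A INPUT -s $cidr -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    for p in $public; do    # public services: any source
        echo "-A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo "COMMIT"
}

# Assumed values: 10.8.0.0/24 = VPN subnet, 22 = SSH, 80/443 = web.
gen_ruleset 10.8.0.0/24 "22" "80 443"
```

Check the output with `iptables-restore --test` before loading it, and keep an existing session open while you do. IPv6 traffic needs an equivalent ip6tables ruleset.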

4. SSL/TLS encryption

SSL (Secure Sockets Layer) is a standard technique for encrypting communication between a web server and a browser. TLS (Transport Layer Security) is the successor of SSL, but both are generally referred to as SSL. Every time you visit a legitimate website, you will often see this symbol, 🔒, appear before the URL you enter in the browser. For example, let’s take sanketik.net
This padlock symbol represents the website’s SSL certification. This means that sanketik.net intends to provide a safe and secure environment for its users and has therefore provisioned its website with web security. The exchange of information is confined to the user and the web host. This digital encryption helps the website keep the data private.
To implement SSL encryption on a website, an SSL certificate is obtained from an authorized Certificate Authority (CA). This SSL certificate configures the server to trust a specific CA, after which the server trusts every certificate signed by that CA. This form of server protection is useful for preventing man-in-the-middle attacks, in which someone tries to intercept traffic between your server and the destination client.

5. Isolated execution

Isolated execution refers to isolating a particular device, in our case a server, from external access and running it in its own dedicated space. Isolated execution provides a contained environment that lets users limit, through sandboxing, any damage that malware could cause. A sandbox is a testing environment that isolates untested code changes and protects live servers and their data, and other collections of code, data and/or content, proprietary or public, from changes that could be damaging (regardless of the intent of the author of those changes) to a mission-critical system or that could simply be difficult to revert.
