Securing the Linux operating system is of extreme importance, considering how widely Linux is used and the increase in security breaches and hacking attempts across the world.
We consider the steps below to proceed with security hardening.
- Security overview, principles, guidelines, concepts and best practices.
- Physical security
- BIOS-level and boot loader security
- Minimum software packages
- OS layer security, user management, file system, etc.
- Securing important services
- Linux permissions
- Linux firewall [netfilter with iptables]
- Data in transit and data at rest explained
- Network firewall
- Monitoring
- Alerting
A very popular saying goes that nothing is secure and there is always a possibility of a breach; Linux is no exception. While designing a secure Linux OS, we need to follow a few principles:
- less attack surface
- least privilege principle
- open only what is needed
- effective monitoring and logging
- do not run all services on a single server
- use secure services, i.e. encryption as much as possible
- do not allow direct SSH access to application servers
- enforce strong password policies with a minimum length of 12 characters
- enable MFA
How we can make the Linux OS more secure and immune to security breaches and attacks:
- protect root and non-root accounts effectively
- Segregation of duties
- Manage file and directory permissions effectively
- Never run applications as the root user
What is a package:
A Linux package is a set of programs that makes up a piece of software. Package managers such as yum, apt-get and dnf are used to install and manage software packages. Software is managed through repositories.
Single-user mode, various options
Go to edit mode for the Linux OS entry from the GRUB menu:
next to ro, add s, S, 1 or rescue
For systemd:
systemd.unit=<target>, e.g. systemd.unit=rescue.target
Press Ctrl+X to boot with the above changes.
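Boot security:
Enable sulogin instead of sushell, so that single-user mode asks for the root password.
echo $$ (prints the process ID of the current shell)
ps -fp <processid> (shows the details of that process)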
Protecting the GRUB menu
Booting the server from a CD/DVD and editing the GRUB boot loader
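
The boot-time points above (single-user boot parameters, sulogin versus sushell, GRUB menu protection) can be checked with a small audit script. This is an added example, not part of the original notes; the function names, the RHEL-style default paths /etc/sysconfig/init and /boot/grub2/grub.cfg, and the extra parameters single and emergency are assumptions.

```shell
#!/bin/sh
# Added example: audit the boot-time settings from the notes above.
# File paths are arguments so the checks can run against copies.

# check_single_user FILE -> sulogin | sushell | unset
# Assumes a RHEL 6-style init file with a SINGLE=/sbin/... line.
check_single_user() {
    val=$(sed -n 's/^[[:space:]]*SINGLE=//p' "$1" 2>/dev/null | tr -d "\"' \t" | tail -n 1)
    case "$val" in
        */sulogin) echo sulogin ;;
        */sushell) echo sushell ;;
        *)         echo unset ;;
    esac
}

# check_grub_password FILE -> protected | unprotected
# GRUB 2 needs both a superusers list and a password entry.
check_grub_password() {
    if grep -Eq '^[[:space:]]*set[[:space:]]+superusers=' "$1" 2>/dev/null &&
       grep -Eq '^[[:space:]]*password(_pbkdf2)?[[:space:]]' "$1" 2>/dev/null; then
        echo protected
    else
        echo unprotected
    fi
}

# check_cmdline "KERNEL ARGS" -> single-user | normal
# Matches the parameters listed above plus single/emergency (assumed extras).
check_cmdline() {
    for word in $1; do
        case "$word" in
            s|S|1|single|rescue|emergency|systemd.unit=rescue.target|systemd.unit=emergency.target)
                echo single-user; return 0 ;;
        esac
    done
    echo normal
}

# Report on the live system only when asked: sh audit.sh --run
# Default paths below are assumptions for a RHEL-family host.
if [ "${1:-}" = "--run" ]; then
    echo "single-user shell: $(check_single_user /etc/sysconfig/init)"
    echo "GRUB menu:         $(check_grub_password /boot/grub2/grub.cfg)"
    echo "current boot:      $(check_cmdline "$(cat /proc/cmdline)")"
fi
```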