Here are a few steps which I have followed to secure my Linux boxes.
The first step is to update the distro
sudo apt-get update
sudo apt-get upgrade
Create a new user for day to day activities with root privilege
adduser sadmin
Grant sadmin privileges
visudo
Add sadmin below root
Disable SSH Login for Root user
Change the default SSH port to something else
vi /etc/ssh/sshd_config
Activate iptables and apply the rules below
apt-get install iptables
Create a file called iptables.test.rules
vi /etc/iptables.test.rules
Copy and paste the rules below. Remember to change the SSH port to your own, as I am using 2234,
and 49000:51000 is the port range for passive FTP, as set in proftpd
*filter
-A INPUT -i lo -j ACCEPT
-A INPUT ! -i lo -d 127.0.0.0/8 -j REJECT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -j ACCEPT
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 53 -j ACCEPT
-A INPUT -p udp --dport 53 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 2234 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 49000:51000 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -j REJECT
-A FORWARD -j REJECT
COMMIT
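Because the rule set ends with a blanket INPUT REJECT, a mismatch between the port in sshd_config and the port accepted by the firewall locks you out of the box. The script below is an added example, not part of the original post: it checks the two files against each other before the rules are loaded. The function names sshd_value and check_ssh_fw are made up for this example, and the sample files are constructed.

```shell
#!/bin/sh
# Added example: pre-flight check of sshd_config against the firewall rules file.

# First uncommented value of an sshd_config keyword (sshd honours the first
# occurrence; keywords are case-insensitive). Match blocks and Include files
# are not followed here.
sshd_value() {  # $1=file $2=keyword $3=default when the keyword is unset
    awk -v key="$2" -v def="$3" '
        /^[ \t]*#/ { next }
        tolower($1) == tolower(key) { print $2; found = 1; exit }
        END { if (!found) print def }' "$1"
}

# Prints one line per finding; returns 0 only when nothing is wrong.
check_ssh_fw() {  # $1=sshd_config $2=iptables rules file
    port=$(sshd_value "$1" Port 22)
    # prohibit-password is the default in current OpenSSH releases
    root=$(sshd_value "$1" PermitRootLogin prohibit-password)
    rc=0
    [ "$root" = "no" ] || { echo "FAIL: PermitRootLogin is '$root', not 'no'"; rc=1; }
    [ "$port" != "22" ] || { echo "FAIL: sshd is still on port 22"; rc=1; }
    # Without an ACCEPT for the sshd port, the final INPUT REJECT locks you out.
    grep -Eq -e "^-A INPUT .*-p tcp .*--dport $port .*-j ACCEPT" "$2" ||
        { echo "FAIL: no INPUT ACCEPT rule for tcp port $port"; rc=1; }
    # Rules pasted from a web page can carry an en dash (UTF-8 e2 80 93)
    # where "--" belongs; iptables-restore rejects such lines.
    if LC_ALL=C grep -q "$(printf '\342\200\223')" "$2"; then
        echo "FAIL: typographic dash in rules file"; rc=1
    fi
    return $rc
}

# Constructed sample input (not taken from a real host).
demo_dir=$(mktemp -d)
printf 'Port 2234\nPermitRootLogin no\n' > "$demo_dir/sshd_config"
cat > "$demo_dir/rules" <<'EOF'
*filter
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 2234 -j ACCEPT
-A INPUT -j REJECT
COMMIT
EOF
check_ssh_fw "$demo_dir/sshd_config" "$demo_dir/rules" && echo "OK: safe to load"
```

On a real host, run check_ssh_fw /etc/ssh/sshd_config /etc/iptables.test.rules from a session you keep open until a second login on the new port succeeds.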
Become root and save the iptables rules
iptables-save > /etc/iptables.live.rules
To auto-start iptables
Create a file called iptablesload in /etc/network/if-up.d
#!/bin/sh
set -e
iptables-restore < /etc/iptables.live.rules
exit 0
chmod +x /etc/network/if-up.d/iptablesload
If you need to disable the firewall for any testing purpose, you can use
iptables -F
really?