Here are a few steps I have followed to secure my Linux boxes.

The first step is to update the distro:

sudo apt-get update
sudo apt-get upgrade

Create a new user with root privileges for day-to-day activities:

adduser sadmin

Grant sadmin privileges:

visudo

Add an entry for sadmin below the entry for root.

Disable SSH login for the root user.

Change the default SSH port to something else. Both settings live in:

vi /etc/ssh/sshd_config

Install iptables and apply the rules below:

apt-get install iptables

Create a file called iptables.test.rules:

vi /etc/iptables.test.rules

Copy and paste the rules below. Remember to change the SSH port, as I am using 2234,
and the passive FTP port range, which is 49000:51000 as set in proftpd.

*filter

-A INPUT -i lo -j ACCEPT
-A INPUT ! -i lo -d 127.0.0.0/8 -j REJECT

-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

-A OUTPUT -j ACCEPT

-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 53 -j ACCEPT
-A INPUT -p udp --dport 53 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT

-A INPUT -p tcp -m state --state NEW --dport 2234 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 49000:51000 -j ACCEPT

-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT

-A INPUT -j REJECT
-A FORWARD -j REJECT

COMMIT
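
Before loading a rules file like the one above, it is worth linting it for paste damage (typographic dashes in place of `--`), a missing COMMIT, and an SSH rule that is absent or sits after the catch-all REJECT. This is an added example, not part of the original post; the function names `lint_rules` and `write_sample` and the cut-down sample file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): lint an iptables-restore file.
# lint_rules FILE SSH_PORT prints findings to stderr and returns their count.
lint_rules() {
    file=$1; ssh_port=$2; problems=0

    # 1. Typographic dashes pasted from a web page where "--" was meant.
    en=$(printf '\342\200\223'); em=$(printf '\342\200\224')  # UTF-8 en/em dash
    if grep -n -F -e "$en" -e "$em" "$file" >&2; then
        echo "FAIL: typographic dash in the lines above; retype as --" >&2
        problems=$((problems + 1))
    fi

    # 2. iptables-restore applies a table only when it reaches COMMIT.
    grep -q '^\*filter' "$file" || { echo "FAIL: no *filter line" >&2; problems=$((problems + 1)); }
    grep -q '^COMMIT' "$file" || { echo "FAIL: no COMMIT line" >&2; problems=$((problems + 1)); }

    # 3. The SSH port must be accepted before the catch-all INPUT REJECT/DROP,
    #    otherwise new SSH connections are refused once the file is loaded.
    #    Simplification: only a literal "--dport PORT" is recognised, not ranges.
    ssh_line=$(grep -n -E -e "^-A INPUT .*--dport ${ssh_port} .*-j ACCEPT" "$file" | head -n 1 | cut -d: -f1)
    end_line=$(grep -n -E -e '^-A INPUT -j (REJECT|DROP)' "$file" | head -n 1 | cut -d: -f1)
    if [ -z "$ssh_line" ]; then
        echo "FAIL: no ACCEPT rule for SSH port $ssh_port" >&2
        problems=$((problems + 1))
    elif [ -n "$end_line" ] && [ "$ssh_line" -gt "$end_line" ]; then
        echo "FAIL: SSH rule (line $ssh_line) comes after catch-all (line $end_line)" >&2
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Constructed sample: a cut-down rules file in the same layout as above.
write_sample() {
    cat > "$1" <<'EOF'
*filter
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 2234 -j ACCEPT
-A INPUT -j REJECT
COMMIT
EOF
}

tmp=$(mktemp) && write_sample "$tmp"
lint_rules "$tmp" 2234 && echo "lint clean for SSH port 2234"
rm -f "$tmp"
```

A clean lint does not replace `iptables-restore --test`, which parses the file as root without committing it.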

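Become root and save the iptables rules (iptables-save dumps the rules currently loaded in the kernel, so the test rules must be active at this point):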

iptables-save > /etc/iptables.live.rules


To auto-start iptables, create a file named iptablesload in /etc/network/if-up.d:

#! /bin/sh
set -e
iptables-restore < /etc/iptables.live.rules
exit 0

chmod +x /etc/network/if-up.d/iptablesload

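If you need to disable the firewall for testing purposes, you can flush the rules. With the default ACCEPT policies, the box then accepts all traffic until the saved rules are restored: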

iptables -F

Securing my Debian Box
