Site Map - skip to main content

Hacker Public Radio

Your ideas, projects, opinions - podcasted.

New episodes Monday through Friday.

hpr465 :: Failsafe security

Tips on securing your Linux systems, see Episode 431

<< First, < Previous, , Latest >>

Thumbnail of Ken Fallon
Hosted by Ken Fallon on 2009-10-14 is flagged as Explicit and is released under a CC-BY-NC-SA license.
security,netstat,hosts file,iptables,Firefox,noscript. (Be the first).

Listen in ogg, spx, or mp3 format. Play now:

Duration: 00:16:11

general.

WARNING: It's easy to lock yourself out of a system implementing these changes so make sure you have physical access to the console of the system you are securing.

To display all processes listening

  netstat -anp | grep -i listen
Deny all connections to any port from any external IP address 
/etc/hosts.deny
  all:all

/etc/hosts.allow
  sshd:192.168.1.54 # My other pc

IPTables Tutorial: https://iptables-tutorial.frozentux.net/

A good starting point to block all except ssh: https://www.cyberciti.biz/tips/linux-iptables-4-block-all-incoming-traffic-but-allow-ssh.html

Disable root login via ssh: https://www.howtogeek.com/howto/linux/security-tip-disable-root-ssh-login-on-linux/

Setting up ssh keys and disabling password logins.

https://www.debuntu.org/ssh-key-based-authentication

Comments

Subscribe to the comments RSS feed.

Leave Comment

Note to Verbose Commenters
If you can't fit everything you want to say in the comment below then you really should record a response show instead.

Note to Spammers
All comments are moderated. All links are checked by humans. We strip out all html. Feel free to record a show about yourself, or your industry, or any other topic we may find interesting. We also check shows for spam :).

Provide feedback
Your Name/Handle:
Title:
Comment:
Anti Spam Question: What does the P in HPR stand for ?