Linux - How to prevent hacking attacks, Hardening Servers

How to prevent hacking attacks

Hacking Attacks - Prevention

Some of the main steps you can take to harden a server are discussed here.

1. Harden your systems (also called "lock-down" or "security tightening") by

» Configuring the software you do need for better security
» Deactivating unnecessary software - disable any daemon that is not needed or is seldom used. An idle service still listens on the network, is rarely patched or watched, and adds nothing but attack surface
» Configuring the base operating system for increased security

2. Patch all your systems - intruders gain root access through vulnerabilities (or "loop holes") in the programs you run, so keep track of patches and new versions of everything you use. Once a security hole is found, vendors usually publish a fix quickly, before it can be exploited on any large scale, but the hole stays open on your server until you apply it. Avoid applications with previously documented but unfixed vulnerabilities, and be cautious with newly released software until it has had some scrutiny.

3. Install a firewall on the system. Linux ships one in the kernel (netfilter, managed with nftables or iptables) and there are plenty of open-source front ends for it; the rule set should drop inbound traffic by default and open only the ports you actually serve.

4. Assess your network security and your degree of exposure to the Internet. You can do this by following these suggestions.

» port-scan your own network from outside to see which services are exposed (TCP/IP services that should not be reachable from the Internet, such as FTP)
» run a vulnerability scanner against your servers
» monitor your network traffic, both outside and inside your border firewalls
» read your system logs: they reveal (unauthorized) services running on the system, and exploitation attempts such as format-string or buffer-overflow attacks usually leave traces there (daemon crashes, garbage in logged fields)
» check your firewall logs: border firewalls log all packets dropped or rejected, and persistent attempts should be visible there
» Portmapper, NetBIOS (ports 137-139) and other dangerous services exposed to the Internet should trigger some actions if you
» more complex security checks will also show whether your system is exposed through uncontrolled Internet Control Message Protocol (ICMP) packets, or whether it can be controlled as a DDoS slave through ICMP
» you can also write a script that sends an alert to your mail when any of these attempts are made
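The checks in steps 1 and 4 can be scripted. The following is an added example, not code from the original article: a POSIX shell script that flags listening sockets whose port is not on an explicit allow-list (candidates for the "disable unneeded daemons" step) and source addresses with repeated failed SSH logins, then hands the findings to the local mailer as step 4 suggests. The allow-list, the ss-format sample and the auth-log lines are constructed for the demo; the live inputs would be the output of ss -H -tulnp and the sshd log.

```sh
#!/bin/sh
# Exposure check for steps 1 and 4 above. Added example, not from the
# original article. Two checks:
#   unexpected_listeners  - sockets listening on non-loopback addresses whose
#                           port is not in ALLOWED_PORTS (candidates to disable)
#   brute_force_sources   - source addresses with repeated "Failed password"
#                           entries in the sshd log
# Both take their input as a string so the script runs offline on the
# constructed samples below; in production feed them live data, e.g.
#   unexpected_listeners "$(ss -H -tulnp)"
#   brute_force_sources "$(journalctl -u ssh --since today)" 5

# Ports this host is meant to serve; everything else is flagged.
# (Assumption for the demo: a web server administered over SSH.)
ALLOWED_PORTS="22 80 443"

# Constructed sample in the column layout of "ss -H -tulnp".
SAMPLE_SS='tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=611,fd=3))
tcp LISTEN 0 511 0.0.0.0:80 0.0.0.0:* users:(("nginx",pid=702,fd=6))
tcp LISTEN 0 511 [::]:443 [::]:* users:(("nginx",pid=702,fd=7))
tcp LISTEN 0 5 0.0.0.0:21 0.0.0.0:* users:(("vsftpd",pid=845,fd=3))
tcp LISTEN 0 128 0.0.0.0:111 0.0.0.0:* users:(("rpcbind",pid=390,fd=4))
udp UNCONN 0 0 127.0.0.1:323 0.0.0.0:* users:(("chronyd",pid=455,fd=5))'

# Constructed sample of sshd lines as they appear in /var/log/auth.log.
SAMPLE_AUTH='Mar  3 10:14:01 web1 sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 51422 ssh2
Mar  3 10:14:03 web1 sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 51422 ssh2
Mar  3 10:14:05 web1 sshd[1203]: Failed password for root from 203.0.113.7 port 51430 ssh2
Mar  3 10:14:06 web1 sshd[1205]: Failed password for root from 203.0.113.7 port 51433 ssh2
Mar  3 10:14:07 web1 sshd[1207]: Failed password for root from 203.0.113.7 port 51436 ssh2
Mar  3 10:15:12 web1 sshd[1210]: Accepted publickey for deploy from 198.51.100.20 port 40112 ssh2
Mar  3 10:16:40 web1 sshd[1215]: Failed password for deploy from 198.51.100.20 port 40120 ssh2'

unexpected_listeners() {
    # $1: "ss -H -tulnp" output. Prints "port process" for every socket that
    # listens on a non-loopback address and whose port is not in ALLOWED_PORTS.
    printf '%s\n' "$1" | awk -v allowed="$ALLOWED_PORTS" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        NF < 5 { next }
        # loopback-only sockets are not reachable from the network
        $5 ~ /^127\./ || $5 ~ /^\[::1\]/ { next }
        {
            port = $5; sub(/.*:/, "", port)      # strip "addr:" (also "[v6]:")
            if (port in ok) next
            proc = $7                             # users:(("name",pid=..,fd=..))
            if (match(proc, /\("[^"]+"/)) proc = substr(proc, RSTART + 2, RLENGTH - 3)
            print port, proc
        }'
}

brute_force_sources() {
    # $1: sshd log text, $2: threshold. Prints "count address" for each source
    # with at least $2 "Failed password" lines, highest count first.
    printf '%s\n' "$1" | awk -v limit="$2" '
        /sshd\[[0-9]+\]: Failed password for/ {
            for (i = 1; i <= NF; i++) if ($i == "from") { fails[$(i + 1)]++; break }
        }
        END { for (ip in fails) if (fails[ip] + 0 >= limit + 0) print fails[ip], ip }' | sort -rn
}

# Collect the findings and hand them to the local mailer when one exists
# (the mail alert of step 4); otherwise print them. Run this from cron.
report=$(
    unexpected_listeners "$SAMPLE_SS" | sed 's/^/unexpected listener: port /'
    brute_force_sources "$SAMPLE_AUTH" 3 | sed 's/^/repeated ssh failures: /'
)
if [ -n "$report" ]; then
    if command -v mail >/dev/null 2>&1; then
        printf '%s\n' "$report" | mail -s "security check on $(uname -n)" root
    else
        printf '%s\n' "$report"
    fi
fi
```

On the sample data the script reports vsftpd on port 21 and rpcbind on port 111 (the FTP and Portmapper cases the list above singles out) and the single source with five failed SSH logins. The loopback-only chronyd socket is deliberately ignored, since it is not reachable from the network.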

5. When choosing passwords never use
    --> real words or combinations thereof
    --> numbers of significance (eg birthdates)
    --> the same or a similar password for several accounts
    --> short passwords - length matters more than symbol mix, so prefer a long passphrase (a password manager makes unique ones practical)

6. Use encrypted connections - encryption between client and server requires that both ends support the same encryption method

» don't use Telnet, POP or FTP: they send the password (and everything after it) in clear text, so anyone on the path can read it. Use their encrypted replacements (SSH/SFTP, POP3S/IMAPS, FTPS), and in particular never switch to another user ID or to root over an unencrypted session
» use SSH (instead of Telnet or FTP)
» never send sensitive information over email
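Using SSH is only half of step 6; the daemon also has to be configured so that it does not accept password guessing or root logins. The following is an added example, not code from the original article: a POSIX shell script that audits an sshd_config text against a small set of hardened values. Both configurations are constructed for the demo, and the upstream OpenSSH defaults it assumes for absent directives (prohibit-password for PermitRootLogin, six for MaxAuthTries, and so on) must be re-checked against the sshd_config(5) man page of the version actually installed.

```sh
#!/bin/sh
# sshd_config audit. Added example, not from the original article.
# Reports every audited directive whose effective value differs from the
# hardened value. sshd uses the FIRST occurrence of a directive, so the scan
# stops at the first match; directives that are never set take the upstream
# OpenSSH default listed in CHECKS (an assumption: confirm it against the
# sshd_config(5) man page of the installed version). Only the "Keyword value"
# form is parsed, not "Keyword=value", and the scan stops at the first Match
# block because everything after it applies conditionally.

# keyword  hardened-value  upstream-default-when-absent
CHECKS='PermitRootLogin no prohibit-password
PasswordAuthentication no yes
PubkeyAuthentication yes yes
PermitEmptyPasswords no no
X11Forwarding no no
MaxAuthTries 3 6'

effective_value() {
    # $1: sshd_config text, $2: keyword (case-insensitive), $3: default if absent
    printf '%s\n' "$1" | awk -v key="$2" -v def="$3" '
        BEGIN { key = tolower(key) }
        /^[[:space:]]*#/ || NF < 2 { next }
        tolower($1) == "match"     { exit }
        tolower($1) == key         { print $2; found = 1; exit }
        END { if (!found) print def }'
}

audit_sshd_config() {
    # $1: sshd_config text. Prints "Keyword current -> hardened" per mismatch;
    # returns 0 only when every audited directive already has its hardened value.
    out=$(printf '%s\n' "$CHECKS" | while read -r key want def; do
        cur=$(effective_value "$1" "$key" "$def")
        [ "$cur" = "$want" ] || printf '%s %s -> %s\n' "$key" "$cur" "$want"
    done)
    if [ -n "$out" ]; then
        printf '%s\n' "$out"
        return 1
    fi
    return 0
}

# Constructed sample resembling a distribution's shipped sshd_config:
# the commented PermitRootLogin line leaves the default in force.
WEAK_CONFIG='Port 22
#PermitRootLogin prohibit-password
PasswordAuthentication yes
ChallengeResponseAuthentication no
X11Forwarding yes
UsePAM yes'

# The same host after hardening: key-only logins, no root over SSH.
HARDENED_CONFIG='Port 22
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
PermitEmptyPasswords no
X11Forwarding no
MaxAuthTries 3'

echo "weak config:"
audit_sshd_config "$WEAK_CONFIG" || echo "  fix the above, then: sshd -t && systemctl reload ssh"
echo "hardened config:"
audit_sshd_config "$HARDENED_CONFIG" && echo "  all audited directives hardened"
```

Against a live server run audit_sshd_config "$(cat /etc/ssh/sshd_config)"; on systems that use an Include directive, sshd -T prints the fully resolved configuration and is the better input. The weak sample above yields four findings (PermitRootLogin, PasswordAuthentication, X11Forwarding, MaxAuthTries); the hardened one yields none.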

7. Do not install software from little-known sites - such programs can hide "trojans". If you have to download a program, verify it before installation: check its SHA-256 checksum against the one the publisher provides, and verify the publisher's PGP/GPG signature on the checksum file or on the package itself. A checksum alone only proves the download was not corrupted in transit; an attacker who can replace the file on a mirror can replace the posted checksum too, and MD5 is no longer suitable for this because collisions are practical. Only the signature ties the file to its author.
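The verification step 7 describes, as an added example that is not code from the original article: a POSIX shell script that checks a download against its own entry in a SHA256SUMS list and, before trusting that list, verifies the publisher's detached signature on it with gpg. The file names, the temporary "release" and its checksum list are constructed for the offline demo; the publisher's key fingerprint is a placeholder the operator has to replace with the fingerprint obtained out-of-band (project web site, key-signing party, previous releases), and the demo runs only the checksum half because no signing key exists for the constructed release.

```sh
#!/bin/sh
# Download verification. Added example, not from the original article.
# A checksum proves only that the bytes match the published list; whoever
# can swap the file on a mirror can swap the list too. The publisher's
# signature over the list (SHA256SUMS.sig) is what ties it to them, so it is
# checked first, against a key already imported from the publisher's stated
# fingerprint. MD5 is avoided: collisions are practical, so a trojaned build
# with the same MD5 as the genuine one is feasible.

# Placeholder (an assumption): replace with the publisher's real fingerprint.
PUBLISHER_FPR="0000000000000000000000000000000000000000"

verify_sums_signature() {
    # $1: SHA256SUMS, $2: detached signature. Returns 0 only if gpg reports a
    # valid signature and the signing key's fingerprint is PUBLISHER_FPR
    # (VALIDSIG lists the signing-subkey fingerprint first and the primary
    # key's last). Fails closed when gpg is not installed.
    command -v gpg >/dev/null 2>&1 || { echo "gpg not installed" >&2; return 1; }
    gpg --batch --status-fd 1 --verify "$2" "$1" 2>/dev/null |
        grep '^\[GNUPG:\] VALIDSIG ' | grep -q "$PUBLISHER_FPR"
}

verify_download() {
    # $1: SHA256SUMS, $2: path of the downloaded file. Picks out this file's
    # own entry so an unrelated entry in the list cannot satisfy the check;
    # entries are "hash  name" or "hash *name" (binary mode), names without spaces.
    name=$(basename "$2")
    entry=$(awk -v n="$name" '$2 == n || $2 == "*" n' "$1")
    [ -n "$entry" ] || { echo "no checksum entry for $name in $1" >&2; return 1; }
    ( cd "$(dirname "$2")" && printf '%s\n' "$entry" | sha256sum -c --status - )
}

verify_release() {
    # $1: SHA256SUMS, $2: SHA256SUMS.sig, $3: downloaded file. The order matters:
    # the list is trusted only after its signature verifies.
    verify_sums_signature "$1" "$2" || { echo "REJECT: signature on $1 did not verify" >&2; return 1; }
    verify_download "$1" "$3"       || { echo "REJECT: $3 does not match $1" >&2; return 1; }
    echo "OK: $3 verified"
}

# Offline demo with a constructed release. There is no publisher key here,
# so only the checksum half runs; verify_release is what you call for real.
tmp=$(mktemp -d)
printf 'constructed release payload\n' > "$tmp/tool-1.0.tar.gz"
( cd "$tmp" && sha256sum tool-1.0.tar.gz > SHA256SUMS )    # the publisher's side
verify_download "$tmp/SHA256SUMS" "$tmp/tool-1.0.tar.gz" && echo "untampered copy: accepted"
printf 'trojan\n' >> "$tmp/tool-1.0.tar.gz"               # a swapped file on a mirror
verify_download "$tmp/SHA256SUMS" "$tmp/tool-1.0.tar.gz" || echo "tampered copy: rejected"
rm -rf "$tmp"
```

In real use the sequence is: import the publisher's key and compare gpg --fingerprint against the fingerprint you obtained out-of-band, then verify_release SHA256SUMS SHA256SUMS.sig tool-1.0.tar.gz. A list whose signature does not verify is rejected outright; a file without an entry in the list is rejected rather than silently passed.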

8. Limit access to your server - confine other users to the parts of the filesystem they need (file permissions, a chroot or a restricted shell) and to the applications they may run (sudo rules for specific commands rather than a shared root password)

9. Stop using systems that have already been compromised by hackers - once an intruder has had root, nothing on the disk can be trusted, so reformat the hard disk and re-install the operating system from known-good media, restoring only data (not binaries or configuration) after reviewing it

10. Use anti-virus software (e.g. Norton Anti-Virus or McAfee, or ClamAV on Linux) and keep its virus definitions up to date. Also, scan your system regularly for viruses.

Some of the ways web hosting providers' security officers meet these challenges:

» keeping up with new products and newly published attacks
» regularly reviewing policies and procedures
» constant monitoring of well-known ports, such as port 80, that are opened in firewalls
» timely installation of patches
» customized setup of servers that isolates customers from each other - "In a hosting environment the biggest threat comes from inside - the customers themselves try to break into the system or into other customer's files"
» investment in firewalls, VPN devices and other security measures, including encrypted Secure Sockets Layer (SSL) communication in the server management and account management systems
» installation of secure certificates on web sites
» purchase and deployment of products according to identified needs
» monitoring suspicious traffic patterns and, depending on the customer's service plan, either shunting such traffic away as bad or handling it through a content-distribution system spread across the network.

The topic on Linux - How to prevent hacking attacks is posted by - Sampath

Hope you have enjoyed Linux - How to prevent hacking attacks. Thanks for your time.

Tech Bluff