There are many things we could do to protect the Linux servers from unwanted access to the system.

SSH Hardening

By default, Linux comes with several users for example jboss, postgres. With the username known, it is very easy for hacker to guess the passwords of these default users using certain password hacking program.

To prevent such situation, it is very important to disallow these default users to have remote access feature. On the other hand, only allow authorized users to remotely access the server.

The below is the step-by-step guide to setup the above mentioned security measure :

1) Login as a normal user to the server
2) su -
3) vi /etc/ssh/sshd_config
4) Append the following lines at end of the file :
       AllowUsers username1 username2 username3
5) /etc/init.d/sshd restart
6) Try to login remotely using root user, if you have done the steps above correctly, you shouldn't be able to ssh from remotely now.

* username1 = name of normal user that you want to give authorization to remotely access the server
* You can append as many username as you like

Software Firewall

Linux comes with software fire wall that ones can use to block access to certain ports in the system. Login to the linux server, and switch to root user, then type the system-config-securitylevel to invoke a popup window. You can start configuring the fire wall from here.

login as: vincent

vincent@localhost's password:

Last login: Mon Jan 15 21:10:54 2007

[vincent@localhost ~]$ su -

Password:

[root@localhost ~]# system-config-securitylevel