SECURITY
Things to consider before configuring an Apache server.
1. Hiding Apache version and OS information:
Apache displays its version and the name of the operating system in error pages. A hacker can use this information to launch an attack, so the server administrator should hide the server signature. This can be done with the following steps:
vim /etc/httpd/conf/httpd.conf
>Open the configuration file
ServerSignature Off
>Turn off the default signature
service httpd restart
>Restart the server for the changes to take effect
2. Disable Directory Listing
If /var/www/ does not have an index file, the web server shows a listing of the document root directory.
This feature can be turned off for a specific directory through the Options directive available in the Apache configuration file.
Options -Indexes
3. Restricting Access to files outside the root directory
Configure the file as shown below:
<Directory />
    # Applies to the filesystem root
    Options None
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>
This prevents users from accessing files outside the web root directory.
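The three settings above can be checked in one pass over a config file. The script below is an added example, not part of the original post; the function name audit_httpd_conf and the sample configs are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Text-level audit only: it does
# not emulate how Apache merges sections, so read any FAIL against the config.
audit_httpd_conf() {  # hypothetical helper name; prints FAIL lines or "OK"
    awk '
    /^[ \t]*#/ { next }                                   # skip comment lines
    { line = tolower($0); sub(/^[ \t]+/, "", line); n = split(line, f, /[ \t]+/) }
    f[1] == "serversignature" { sig = (f[2] == "off") }   # last value wins
    f[1] == "options" {
        for (i = 2; i <= n; i++) {
            if (f[i] == "-indexes" || f[i] == "none") off = 1
            if (f[i] == "indexes" || f[i] == "+indexes" || f[i] == "all") on = 1
        }
    }
    f[1] == "<directory" && f[2] ~ /^"?\/"?>$/ { inroot = 1 }   # <Directory />
    f[1] == "</directory>" { inroot = 0 }
    # Accept the 2.2 syntax shown above and the 2.4 form "Require all denied".
    inroot && f[1] == "deny" && f[2] == "from" && f[3] == "all" { deny = 1 }
    inroot && f[1] == "require" && f[2] == "all" && f[3] == "denied" { deny = 1 }
    END {
        if (!sig)       { print "FAIL: ServerSignature is not Off"; bad = 1 }
        if (on || !off) { print "FAIL: directory listing (Indexes) is not disabled"; bad = 1 }
        if (!deny)      { print "FAIL: <Directory /> does not deny all access"; bad = 1 }
        if (!bad) print "OK"
    }' "$1"
}

demo() {  # constructed sample configs, not taken from any real server
    tmp=$(mktemp -d) || return 1
    printf '%s\n' 'ServerSignature On' 'Options Indexes FollowSymLinks' > "$tmp/weak.conf"
    cat > "$tmp/hard.conf" <<'EOF'
ServerSignature Off
<Directory />
    Options None
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>
<Directory "/var/www/html">
    Options -Indexes
</Directory>
EOF
    echo "weak.conf:"; audit_httpd_conf "$tmp/weak.conf"
    echo "hard.conf:"; audit_httpd_conf "$tmp/hard.conf"
    rm -rf "$tmp"
}
demo
```

Run it against a real file with audit_httpd_conf /etc/httpd/conf/httpd.conf. ServerSignature only governs the footer on server-generated pages; the Server response header is controlled by the separate ServerTokens directive, which this script does not check.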
HOW TO INSERT RESTRICTION.
To view the current iptables configuration
iptables -L
How to block all connections from a specific IP Address.
iptables -A INPUT -s (ip address) -j DROP
e.g.: iptables -A INPUT -s 192.168.1.22 -j DROP
How to block all of the IP Addresses in the 192.168.1.1/24 network range.
Standard method: iptables -A INPUT -s 192.168.1.1/24 -j DROP
OR
Netmask method: iptables -A INPUT -s 192.168.1.1/255.255.255.0 -j DROP
How to block SSH connections from any IP address.
iptables -A INPUT -p tcp --dport ssh -j DROP
How to block SSH connections from a specific IP Address.
iptables -A INPUT -p tcp --dport ssh -s 10.10.10.10 -j DROP
For the TCP protocol use -p tcp, and for the UDP protocol use -p udp.
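The changes that you make to your iptables rules will be lost the next time the iptables service is restarted unless you run a command to save them.
For Ubuntu (iptables-save on its own only prints the rules to standard output, so redirect them to the file that the iptables-persistent package restores at boot):
sudo sh -c '/sbin/iptables-save > /etc/iptables/rules.v4'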
Red Hat / CentOS:
/sbin/service iptables save
Or
/etc/init.d/iptables save
To clear all the currently configured rules:
iptables -F