Do you get common attacks? Will CentOS 8 harden helps you?

Do you get common attacks? Will CentOS 8 harden helps you?

What happens if the installation of CentOS is completed? It helps you to block people who are unauthorized to your website area and follows up the intrusions too! Many hackers and spammers look keen into the server for getting all your information within a fraction of a second.

Let us learn to stop all the malicious activity by following methods:

Firewall setup:
You might have to build security for your server as well as your website. It is not true that you can allow all the users without any check like a visitor. You must analyse who they are and what is their requirement by using technology right! Administrators who have full control of your server and website must perform a firewall setup at the beginning itself. Even if they want to open any ports, it is a must to do a firewall setup at first.

Use the command below to start the firewall setup:

Code:
sudo systemctl start firewalld
sudo systemctl enable firewalld
Check whether the service you have done is under the control of the firewall or not. So, use the below mentioned command:

Code:
sudo firewall-cmd --list all
If you going to open port 447 then execute the below command:

Code:
sudo firewall-cmd --add-port=447/tcp --zone=public –permanent
Later you can do enablement on type, ssh services:

Code:
sudo firewall-cmd --add-service=ssh --zone=public --permanent
Sometimes, you may need to remove services or ports. Based on that create a command by saying –remove-service and –remove-port.

Code:
sudo firewall-cmd –reload
Undesirable and Unused services can be disabled:
If you found any services are unused on the server kindly disable them. The main pathway for the hackers is to use those unused services which tell the port to open more in number.

Use the tool nmap for scanning the system and make a list of ports that are currently running in the server.

Files to be protected: Without your consciousness, you may edit or delete the files which are critical in usage. It contains the password in hash points such as /etc/gshadow and /etc/passwd. Use the command chattr which helps you to not edit or delete.

Code:
sudo chattr +i /etc/passwd

sudo chattr +i /etc/shadow
The main purpose of this command is to protect your files from hacker activity. It just denies the system login.

Securing Protocol SSH: One of the best remote logins protocols is SSH. But it has a negative feature of getting influenced by hackers. Most of the users will use the root user as a login. It is a kind of loophole that sincerely listens to the statement of hackers. Better to use login by creating it new instead of using root user along with the privileges of Sudo. Just do the configuration by modifying the file /etc/ssh/sshd_config and start to disable the root user login:

Code:
PermitRootLogin
Usage of SSH keys helps to set up SSH passwordless. Password is the easy way for tracking your information by hackers. So, better use the ssh keys for login use. Use the below command for creating the key pari by doing passwordless authentication enablement.

Code:
ssh-keygen
By now, you have two key pairs such as public key and private key. In server or remote server, the public key is copied whereas the private key is located at the host point. If you have ssh key pair in hand then no need to use a password for login right! Set the value without fail and disable the authentication of the password by modifying the file configuration /etc/ssh/sshd_config.

Code:
PasswordAuthentication no
Restarting the ssh service by taking the account of changes you made:

Code:
sudo systemctl restart sshd
I Hope, you understood the way of attacks on your server. Prevention is better than cure – Keep a hold on this line without fail.
Author
kumkumsharma
Views
2,308
First release
Last update
Rating
0.00 star(s) 0 ratings

More resources from kumkumsharma

Top