Valuable Practical Tips for Linux VPS


Linux servers are very popular today. Users who actively run servers based on this operating system appreciate its great potential, much of which is related to its security. But this does not mean that Linux is invulnerable to hacking or to unwanted sessions from third-party users. Today, there are many truly effective ways to improve the security and health of a server. This blog post describes some practical tips that actually work, so that you can secure your server with methods that actually work!

Linux GnuPG Encryption

When your data travels across the network, attackers try to intercept it, thereby compromising the security of the Linux server. One way to make sure that passwords, keys, and certificates are encrypted is to use the GnuPG encryption tool. This program uses a key system that ensures your information is not spied on as it travels across the network.

GnuPG dates back to 1997 and is free software (which means respecting your freedom). It is free to use, modify, and redistribute under the terms of the GNU General Public License. GnuPG combines traditional symmetric key cryptography, for speed, with public key cryptography, for secure key exchange: usually the recipient’s public key is used to encrypt a session key that is used only once. This mode of operation is part of the OpenPGP standard and has been part of PGP since its first version.

GnuPG also supports symmetric encryption algorithms. Since version 2.1, GnuPG uses the AES symmetric algorithm by default; CAST5 was used in earlier versions. GnuPG does not use proprietary or otherwise restricted software or algorithms. Instead, it uses many other, non-proprietary algorithms.

Restricting Access to External Systems

A very important step when updating a Linux system is to restrict access to external services. One very important factor must be taken into account: the popularity of Linux distributions is growing very rapidly, which makes these servers very attractive to attackers. Security updates, including temporary workarounds, are widely distributed. We recommend that you first restrict access to external services. To do this, follow these simple steps.

First, you must edit the /etc/hosts.allow file as well as the /etc/hosts.deny file to restrict access to services for external hosts.

File /etc/hosts.allow

# hosts.allow

in.telnetd: 123.12.41., 126.27.18., .mydomain.name, .another.name
in.ftpd: 123.12.41., 126.27.18., .mydomain.name, .another.name

File /etc/hosts.deny

# hosts.deny
in.telnetd: ALL
in.ftpd: ALL

Next steps

The next step is to install a security detection system: consider installing security software such as Tripwire to help you detect unwanted intrusions in the event of a threat, and Abacus Sentry, which can help prevent these unwanted intrusions.

Change SSH Port

By default, on all Linux servers, SSH connections are made through port 22. Attackers very often target this port in order to try to break into the server using brute force or other hacking methods. Because the SSH server opens TCP port 22 for incoming connections by default, it poses a potential brute-force threat.

It happens something like this: an attacker discovers such an open port on the server and tries to guess the password to the remote server using special automation tools. Once he finds this password, he has full root access to the server. The default SSH configuration is located in the file /etc/ssh/sshd_config. A very simple way to carry out this procedure is described below.

Open /etc/ssh/sshd_config:

nano /etc/ssh/sshd_config

In the file that opens, find the following line:

Port 22

Next, you need to add a new line with any port number, for example 23471. It is recommended to choose a 4- or 5-digit number, as such ports are far less popular with criminals. After the changes, it should look like this:

#Port 22
Port 23471

For the SSH server to listen on the new port, which has been changed from 22 to 23471, restart it with the following command:

/etc/init.d/ssh restart

Then, if you try to connect from the Linux command line, the SSH client will try to use the standard port by default, and this will result in a connection error:

ssh putty.org.ru
ssh: connect to host putty.org.ru port 22: Connection refused

Instead, you must pass the port number to the SSH client with the -p parameter, as in the following command:

ssh -p 23471 putty.org.ru

If you have followed all the steps, the connection will be successful. After that, you need to log in (if you are using PuTTY or another SSH client) with the changed SSH port.
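A check worth running before the restart, shown here as an added example that is not part of the original post: it reads the Port directives the way sshd does and reports whether port 22 is still active. The function names and the two sample fragments are constructed for illustration, and ListenAddress entries with their own port are not considered.

```python
import re

# Constructed sshd_config fragments (not taken from a real server).
BOTH_ACTIVE = "Port 22\nPort 23471\nPermitRootLogin no\n"
AS_ON_PAGE = "#Port 22\nPort 23471\nPermitRootLogin no\n"

# Keyword and argument are separated by whitespace or by a single "=".
DIRECTIVE = re.compile(r"([A-Za-z]+)(?:\s*=\s*|\s+)(\S+)")


def listening_ports(config_text):
    """Ports sshd would listen on according to the Port directives."""
    ports = []
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = DIRECTIVE.match(line)
        if not m:
            continue
        keyword, value = m.group(1).lower(), m.group(2)
        if keyword == "match":      # Port is a global keyword only
            break
        if keyword == "port":
            port = int(value)
            if not 1 <= port <= 65535:
                raise ValueError(f"invalid port: {value}")
            if port not in ports:
                ports.append(port)  # several Port lines are all honoured
    return ports or [22]            # sshd falls back to 22 without a Port line


def audit_port_change(config_text, new_port):
    """Return a list of problems; an empty list means the change is clean."""
    ports = listening_ports(config_text)
    problems = []
    if new_port not in ports:
        problems.append(f"sshd will not listen on {new_port}")
    if new_port != 22 and 22 in ports:
        problems.append("port 22 is still active")
    return problems
```

Running sshd -t before the restart also checks the file for syntax errors, and keeping the current session open until a login on the new port succeeds avoids locking yourself out.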


Monitoring Your Log Files

Log files are very important for a Linux system administrator or for a regular user who runs a server for personal needs. Most log files are stored in the /var/log directory. Logging, or the keeping of records, is the main source of information about the operation of the system, its errors, and possible hacks. It is a reliable record of what activity is taking place on the server.

Linux Logs: /var/log/syslog, or /var/log/messages

They are the so-called custodians of information: this is the global system log. Messages are written here from the very beginning of system startup, starting with the Linux kernel. It also records messages from various services, discovered devices, network interfaces, and more. Also, scripts made up of sets of commands can be executed before or after the backup operation, as follows:

/var/log/messages {
    rotate 10
    mail logadmin@hostry.com
    size 100k
    postrotate
        /usr/bin/killall -HUP syslogd
    endscript
}

A total of 10 backups are kept here, and when the oldest backup expires, it is mailed to logadmin@hostry.com.

Linux Logs: /var/log/dmesg.

This log holds device driver messages. With the command of the same name, you can view the contents of the file. The log size is limited; when the file reaches its limit, older messages are overwritten with newer ones. By setting the --level= option, you can filter the output by importance.

The job of dmesg is to store information about the system boot process before syslogd starts. There are also the files /var/log/lastlog, /var/log/wtmp, and /var/log/btmp, which have a binary format and store, respectively, information about the last user logon to the system, all successful user logins, and all unsuccessful user logins.
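The text logs can be mined for the brute-force attempts described in the SSH section. The following is an added example, not part of the original post: it counts failed SSH password attempts per source address in syslog-format lines. It assumes sshd messages are read from the system's authentication log (commonly /var/log/auth.log or /var/log/secure, a file name not given on this page); the sample lines are constructed.

```python
import re
from collections import defaultdict

# Constructed sample lines in the format OpenSSH writes through syslog.
SAMPLE_LOG = """\
Mar  3 10:15:01 vps sshd[1201]: Failed password for root from 203.0.113.5 port 51234 ssh2
Mar  3 10:15:03 vps sshd[1201]: Failed password for root from 203.0.113.5 port 51234 ssh2
Mar  3 10:15:06 vps sshd[1203]: Failed password for invalid user admin from 203.0.113.5 port 51240 ssh2
Mar  3 10:16:10 vps sshd[1210]: Failed password for alice from 198.51.100.20 port 40022 ssh2
Mar  3 10:16:15 vps sshd[1210]: Accepted password for alice from 198.51.100.20 port 40022 ssh2
Mar  3 10:17:00 vps CRON[1300]: (root) CMD (run-parts /etc/cron.hourly)
"""

# The user name is supplied by the client, so the pattern is anchored on the
# fixed tail of the line and the greedy group absorbs whatever precedes it.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>.*)"
    r" from (?P<ip>\S+) port \d+ ssh2$"
)


def failed_logins(log_text):
    """Map source address -> {"count": n, "users": sorted user names}."""
    stats = defaultdict(lambda: {"count": 0, "users": set()})
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            entry = stats[m.group("ip")]
            entry["count"] += 1
            entry["users"].add(m.group("user"))
    return {ip: {"count": e["count"], "users": sorted(e["users"])}
            for ip, e in stats.items()}


def brute_force_sources(log_text, threshold=3):
    """Addresses with at least `threshold` failed password attempts."""
    return sorted(ip for ip, e in failed_logins(log_text).items()
                  if e["count"] >= threshold)


if __name__ == "__main__":
    print(brute_force_sources(SAMPLE_LOG))
```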

Using the TOP utility

The top utility is one of the best tools for monitoring performance data. It provides a real-time overview of what is happening on the server and has many options for configuring which specific performance data to track. The top command in Linux systems displays a table of running processes and lets you estimate how many resources they consume, i.e., what load they put on the server and disk subsystem. This information helps to further optimize the performance of the system. The main columns of the top output are described below.


VIRT – virtual memory used by the process
RES – physical memory occupied by this process
COMMAND – the name of the command (program) that initiated the process
SHR – the total amount of memory that this process shares with others
%CPU – the percentage of used CPU time
%MEM – the percentage of RAM used by the process
TIME – duration of the process from the start
S – current status of the process: R – running; S – sleeping; Z – zombie