Difference between revisions of "Linux server security"
From Gender and Tech Resources
m |
m |
||
| Line 21: | Line 21: | ||
Blocking ICMP and look invisible to ping. | Blocking ICMP and look invisible to ping. | ||
| − | == | + | == Backups == |
| − | === | + | === Backup over ssh === |
| + | |||
| + | === Backup with rsync === | ||
| + | |||
| + | === Backup with unison === | ||
=== Traffic control === | === Traffic control === | ||
Traffic Control (TC) and TC New Generation (TCNG) | Traffic Control (TC) and TC New Generation (TCNG) | ||
Revision as of 14:34, 26 July 2015
Contents
Installing intrusion detection
In hostile environments such as server environments, using a FIA makes sense only if it is installed, fully configured and initialised at the very first boot after an installation from scratch, before ever connecting to the internet or doing anything else. It takes only one attack to install a backdoor. Installing aide or tripwire after such an event would guarantee that the backdoor remains just as open as the day an intruder installed it. For more on aide vs tripwire, see Linux applications: Intrusion detection, and for an example install of aide, see Linux security: Installing intrusion detection.
tripwire
== Installing
Server connections
Remote commands and procedure calls
ssh, rssh, scp and sftp.
Remote Procedure Calls (RPC), Portmapper
Network Wrappers (PAM)
ICMP
Blocking ICMP and look invisible to ping.
Backups
Backup over ssh
Backup with rsync
Backup with unison
Traffic control
Traffic Control (TC) and TC New Generation (TCNG)