Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
After reading some posts a lot of you have made, I have noticed questions about security, which Linux OS is the best, and how can I stop hackers from hacking me. Well, I am going to answer those questions and hope you take heed of them.
1. How can I secure my system?
Well, using any distribution of Linux requires some common sense as well; as we all know, your system is as secure as your weakest point.
Never install rpm or deb or tgz applications you do not intend to use, or if you do, follow up with patches. Also disable ports you don't intend to use (a lot of you are wondering... How do I do that?): change directory to /etc/ and vi or pico services. Now be careful and don't disable critical ports, which would stop you from logging in. Also remove daemons you don't use or shut them off, and make sure you get rid of that telnet and install ssh2, not ssh1, as we know there is a major hack for ssh1. Now you can disable ssh1 by pico or vi /etc/ssh/sshd_config and making sure [ protocol 2 ] not 1, then restart ssh. Also get rid of wu-ftpd and install proftpd; you can download this at proftpd.org. I recommend the rpm for Red Hat users. Also there is a nice package called portsentry that allows you to detect port scans and block them using ipchains or iptables. Sendmail, the biggest hole of them all: well, I don't use it. I use postfix, which is easy to install, and you can upgrade from sendmail to it just by downloading the rpm file and typing rpm -Uvh postf*.rpm. Make sure you read the docs to get a clear understanding of how it works, but I think it is pretty simple.
There is a lot more I can tell you on this issue, but first digest, then we will see.
You know they will still ask. As time goes by, this thread will keep getting further down the list as more questions are asked in this forum... Good information, just not a good idea to post stuff like this; it just gets ignored most of the time.
I applaud your effort to try and set up some kind of howto, and not to put you off of it, but I think you should be way and way more specific if you want to succeed.
I would like to invite you (all) to add your knowledge to a /security forum FAQ we should start building. This won't become a "howto" I think, cuz there's lotsa howto's (fi. at linuxdoc.org, sans.org or cert.org) that handle (aspects of) security in general or specific, factual and meticulously...
This is for Linux God. You mention "rid of that telnet and install ssh2 not ssh1 as we know there is a major hack for ssh1 now you can disable ssh1 by pico or vi /etc/ssh/sshd_config"
As you can see, I have included my sshdconfig file. Where would I do what you are suggesting?
# $OpenBSD: ssh_config,v 1.16 2002/07/03 14:21:05 markus Exp $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for various options
# Host *
# ForwardAgent no
# ForwardX11 no
# RhostsAuthentication no
# RhostsRSAAuthentication no
# RSAAuthentication yes
"ssh_config" 38L, 1167C
# PasswordAuthentication yes
# HostbasedAuthentication no
# BatchMode no
# CheckHostIP yes
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
# Protocol 2,1
# Cipher 3des
# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
# EscapeChar ~
Host *
ForwardX11 yes
"ssh_config" 38L, 1167C
Moderator note: Scottpioso, please do not tack on your off topic question to a thread that is rather stale and over a year old: please create your own thread.
I have no idea what you mean.
1. This thread was made and last added to in 02/2002. In my book that's a rather old thread. Old threads don't need resurrection unless there's a damn good reason. Besides that we haven't heard from Linuxgod since 03/2002 so I would be surprised if he would actually answer :-]
2. The question you ask does not contribute to the topic of this thread.
Btw, answering your question, if you have OpenSSH-v3.x, in the sshd_config the "Protocol 2,1" directive tells sshd what protocol versions to accept.
This should read "Protocol 2" to get rid of ssh clients trying to connect with ssh1.
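
Added example, not part of the original thread: a shell check for the sshd_config change described in the answer above, reporting whether ssh1 clients are still accepted. The function names and sample files are constructed here, and it assumes an OpenSSH version that still honours the Protocol directive.

```shell
#!/bin/sh
# Added example: audit the Protocol directive in an sshd_config-style file.
# Function names and sample files are constructed for this illustration.

# Print the value of the first active (uncommented) Protocol line, if any.
# Keywords are case-insensitive and the first occurrence is the one sshd uses.
effective_protocol() {
    awk '{ sub(/^[ \t]+/, "") }
         /^#/ || /^$/ { next }
         { split($0, f, /[ \t=]+/)
           if (tolower(f[1]) == "protocol") { print f[2]; exit } }' "$1"
}

# "Host" is a client-only keyword, so an active Host line means the file is
# ssh_config (client), not sshd_config (server).
looks_like_client_config() {
    grep -Eiq '^[[:space:]]*host[[:space:]]' "$1"
}

# Return 0 = protocol 2 only, 1 = ssh1 still accepted, 2 = unset/unknown,
# 3 = wrong file.
audit_protocol() {
    if looks_like_client_config "$1"; then
        echo "WRONG FILE: has Host blocks, so it is a client ssh_config"; return 3
    fi
    value=$(effective_protocol "$1")
    case "$value" in
        2)   echo "OK: only protocol 2 is accepted"; return 0 ;;
        "")  echo "UNSET: no active Protocol line, built-in default applies"; return 2 ;;
        *1*) echo "WEAK: 'Protocol $value' still accepts ssh1 clients"; return 1 ;;
        *)   echo "UNKNOWN: 'Protocol $value'"; return 2 ;;
    esac
}

# Constructed sample files (not taken from a real host).
tmp=$(mktemp -d); trap 'rm -rf "$tmp"' EXIT
printf 'Port 22\nProtocol 2,1\n'                  > "$tmp/weak"
printf '#Protocol 2,1\nprotocol 2\n'              > "$tmp/fixed"
printf '# Protocol 2,1\nPort 22\n'                > "$tmp/commented"
printf '# Protocol 2,1\nHost *\nForwardX11 yes\n' > "$tmp/client"

for f in weak fixed commented client; do
    printf '%-10s' "$f"; audit_protocol "$tmp/$f" || true
done
```

A commented-out `# Protocol 2,1` line is not a setting, which is why the "commented" sample reports UNSET rather than WEAK.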