Detecting Listening Network Ports
One of the most important tasks is to detect and close network ports that are not needed.
To get a list of listening network ports (TCP and UDP sockets), you can run the following command:
You can also run a port scan from another server (make sure that you have permission to probe the machine):
How to turn on spoof protection
To turn on spoof protection, run a simple bash script:
for i in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 1 > "$i"; done
Sysctl Hardening
Sysctl hardening modifies kernel operating values to strengthen the TCP/IP stack against various attacks, including SYN floods.
sysctl.conf is a simple file containing sysctl values to be read in and set by sysctl(8).
EXAMPLES
/sbin/sysctl -a
/sbin/sysctl -n kernel.hostname
/sbin/sysctl -w kernel.domainname="example.com"
/sbin/sysctl -p /etc/sysctl.conf
TCP_SYNCookies protection
A SYN-flood attack can slow the networking of your Linux box to a snail-like crawl. TCP_SYNCookies protection attempts to stop this from taking a heavy toll on the machine. To enable tcp_syncookies protection, use the following command:
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
If it’s not enabled, there isn’t much you can do other than build a new kernel and reboot and use it.
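An added example, not part of the original page: a read-only check of the two settings above, rp_filter and tcp_syncookies. It goes one step beyond the loop shown earlier by also reading conf/all, because the kernel applies the larger of conf/all/rp_filter and the per-interface value. The function names, the ROOT argument and the sample tree are assumptions made for this illustration.

```shell
#!/bin/sh
# Read-only audit. ROOT defaults to /proc/sys (the argument allows a constructed tree).
# Prints one finding per line and returns the number of failed checks.
audit_net_hardening() {
    root="${1:-/proc/sys}"
    fails=0
    # tcp_syncookies: 0 = off, non-zero = on. A missing file means the
    # running kernel has no SYN cookie support at all.
    f="$root/net/ipv4/tcp_syncookies"
    if [ ! -r "$f" ]; then
        echo "FAIL tcp_syncookies: file missing"
        fails=$((fails + 1))
    elif [ "$(cat "$f")" -eq 0 ]; then
        echo "FAIL tcp_syncookies=0"
        fails=$((fails + 1))
    else
        echo "ok   tcp_syncookies=$(cat "$f")"
    fi
    # rp_filter: 0 = no source validation, 1 = strict, 2 = loose.
    # The kernel applies max(conf/all, conf/<iface>) on each interface.
    all=$(cat "$root/net/ipv4/conf/all/rp_filter" 2>/dev/null || echo 0)
    for f in "$root"/net/ipv4/conf/*/rp_filter; do
        [ -r "$f" ] || continue
        iface=$(basename "$(dirname "$f")")
        [ "$iface" = all ] && continue
        val=$(cat "$f"); eff=$val
        [ "$all" -gt "$eff" ] && eff=$all
        case "$eff" in
            0) echo "FAIL rp_filter $iface: effective 0 (all=$all, own=$val)"
               fails=$((fails + 1)) ;;
            1) echo "ok   rp_filter $iface: strict (all=$all, own=$val)" ;;
            *) echo "warn rp_filter $iface: loose, effective $eff" ;;
        esac
    done
    return "$fails"
}

# Constructed sample tree standing in for /proc/sys (not real host data).
make_sample_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/net/ipv4/conf/all" "$d/net/ipv4/conf/default" "$d/net/ipv4/conf/eth0"
    echo 1 > "$d/net/ipv4/tcp_syncookies"
    echo 0 > "$d/net/ipv4/conf/all/rp_filter"
    echo 1 > "$d/net/ipv4/conf/default/rp_filter"
    echo 0 > "$d/net/ipv4/conf/eth0/rp_filter"
    echo "$d"
}
tree=$(make_sample_tree); audit_net_hardening "$tree" || echo "$? check(s) failed"; rm -rf "$tree"
```

Called with no argument, audit_net_hardening reads the live values under /proc/sys. The conf/default entry is the template applied to interfaces created later, so it is reported alongside the real interfaces.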
Find out whether an SSL certificate and key are paired correctly
To view the contents of a certificate:
openssl x509 -noout -text -in filename.crt
To view the contents of a private key:
openssl rsa -noout -text -in filename.key
If the modulus and exponent of the certificate and key match, they are paired correctly. If not, they are mismatched and Apache will not start with SSL enabled.
Exclude packages from yum update
Example of how to exclude a number of packages:
1. Open /etc/yum.conf with your preferred text editor.
2. Enter the following line with your package names:
exclude=apache* bind-chroot courier* dovecot* exim* httpd* mod_ssl* mysql* nsd* perl* php*