In 2018, the FBI and the U.S. National Security Agency exposed a hack tool called “Drovorub.” According to the report by Reuters, the tool believed to be the work of Russian hackers was primarily built to infiltrate Linux-based computers. For instance, the Drovorub (also called the “Swiss Army knife”) allowed hackers to perform an array of activities, such as accessing and stealing sensitive data and remote-controlling the victim’s network. The malware-based infiltration had a vast potential to pass devastating impacts on victims if proper actions were not taken to alleviate the attack.
This, plus many other cases, quashes out the popular fallacy that Linux servers are unhackable. For your information, Linux is just as hackable as the other OS. It is just that Linux is regarded highly because of the achievements it has enjoyed, especially in the recent past. Many users view it as a special operating system because of its stability, efficiency, and, more specifically- its open-source nature. And this explains why most companies prefer Linux to other operating systems. According to the Top 500’s report, Linux is the OS behind all the top 500 world supercomputers. According to W3Techs, Linux also powers about half of the world’s top 1000 websites.
Linux Server Security
Despite its ubiquity and power, Linux is not devoid of security vulnerabilities. Malware infections, SQL injections, XSS vulnerabilities, broken authentication, XML External Entity, insecure deserialization, and command injections are some of the top Linux server security vulnerabilities you must know.
We will discuss all these threats in our subsequent posts. Our main agenda today is to explore some of the best practices for Linux servers. So, without much ado, let us dive in.
Linux Server Security Best Practices
1. Employ Best Password Practices
Ask any cybersecurity experts about the most basic measure for securing a server, and they will tell you that it is passwords. But weak passwords are as bad as the lack of one. What is the point of having a password that cannot secure your servers? Hackers will easily bypass such passwords and access your servers and data without any significant hurdles.
As a Linux server security best practice, ensure you employ strong and unique passwords when securing the servers. The passwords should feature a minimal length of ten characters and blend numbers, letters, and special characters. Passwords should also be changed frequently. Failure to follow these practices could put your Linux server right at the attacker’s jaws. Password manager tools such as LastPass and Dashlane could come to your aid and help you out.
2. Install SSL Certificate in Linux Servers
SSL certificates have been dominating the discussion on web application security. And because of their increased significance, most web admins have adopted them as perfect weapons for fighting common threats such as man-in-the-middle attacks. Essentially, SSL certificates help to initiate encrypted sessions so that the communication between your servers and users’ web browsers is free from eavesdroppers and prying eyes. So, if you care about the security of your Linux servers and your end-users, then it is only wise that you buy an SSL certificate to boost your security.
Installing an SSL certificate on your Linux servers does not require any technical know-how. You can use the Plesk control panel to install an SSL certificate. Whichever way, just ensure you have the certificate for the sake of your servers’ security and that of your users.
3. Use Two-Factor Authentication
Cases of brute force and dictionary attacks are enough proof that passwords can fail to protect your servers from security vulnerabilities. To cushion your servers from such threats, I recommend the adoption of two-factor authentications.
With two-factor authentication, even if an attacker succeeded in bypassing your password, they will not have access to your servers without the second authentication factor. The second authentication factor may include things like one-time passwords, biometric information, and secret codes.
4. Conduct Regular Software Updates
Conducting regular software updates that patch Linux server vulnerabilities can also help to enhance its security. It is unfortunate to learn that most Linux users often overlook these updates and end up living with loopholes that could potentially jeopardize the entire server. The reason is that hackers find these loopholes exploitable and use them to access important sections of the servers.
There are many options to update your Linux but using Ubuntu is more popular and easy. It involves using the command line as well as the Ubuntu update manager. You should use the following command to update via the command line:
The command will allow you to see the available packages. It can also provide information on the most recent versions. You can then proceed to use the following command to install the packages:
Enabling automatic updates is another great option you can employ. Depending on the software options, there are many options for enabling automatic updates. For instance, GNOME users should follow the following procedure to enable automatic updates:
- The first step is to navigate to the system menu
- After that, click on the Administration tab
- Under Administration, go to Update Manager and select the Settings tab
- On the Updates tab, you will find a setting that allows automatic updates without unnecessary notifications
5. Disable Booting From External Sources
Hackers can sometimes target external devices like USB thumb drives to gain access to your Linux servers. For this reason, you must disable booting for such external devices to minimize the risk and potential of physical threats. Physical attacks could be as detrimental as hacking. There are several ways of disabling booting from external sources. One method to do so involves opening the terminal and entering the following command:
“# chmod 000 /media/”
In any case, if you want to restore the access to USB, then you can enter the following code:
“# chmod 777 /media/”
6. Deactivate Dormant Ports
Open ports often reveal the architecture of the network, and this could help attackers craft a more modified and specific attack tailored to bring down your Linux servers. To be on the safe side, it is crucial that you close all ports that are not important. You need to determine the active ports first, and you can use the Netstat command to do so. You should use the following commands to determine the active ports:
- All TCP ports — “netstat -at”
- All UDP ports — “netstat -au”
- All listening ports — “netstat -l”
- Information for all ports — “netstat -s”
You also need security firewalls if you intend to enhance Linux server security. The firewall will act as your first line of protection in case hackers come knocking on your doors. The Linux firewall will be responsible for regulating, protecting, and blocking networks that pass through the Linux-based servers. There are two types of firewalls you can use for your Linux servers. A command line or GUI utility firewall sits on top of pre-created firewall services. You could install this type of firewall manually or use utilities that enable point-on-click setups. The second type of Linux firewall you can use on your Linux servers is the Standalone Linux firewall solution.
Several examples of firewalls will work best on your Linus servers. They include the following;
- Endian Firewall Community (EFW)
- Gufw Firewall
- Nebero Systems Linux Firewall
- OPNsense® Business Edition
8. Use the Secure Shell Protocol
Secure Shell Protocols (SSH) are vital because they help you make a secure connection to a network service over an unsecured network. SSH protocols are far more challenging to hack using brute force attacks which is why they are highly recommended. Although SSH key pairs might not be as user-friendly as passwords, they are more secure than passwords. Their security can be attributed to the encryption used when the servers are logged in. At the lowest level, the SSL key pair represents an equivalent of a twelve-character password. For this reason, implementing SSH protocol could be a vital server security best practice you should never ignore.
Linux servers are very popular among top websites and companies. They are known for their high efficiency and proper functionality. However, contrary to popular opinion, Linux servers are not 100% secure. They are as vulnerable as other operating systems. There are several Linux server security best practices you can adopt to protect your Linux servers from security vulnerabilities. This article has explained the eight most effective security measures to safeguard your Linux servers from security threats.
Best Linux Distros for Developers and Programmers as of 2022
Linux might not be the preferred operating system of most regular users, but it’s definitely the go-to choice for the majority of developers and programmers. While other operating systems can also get the job done pretty well, Linux is a more specialized OS that was…
How to Install Pip on Ubuntu Linux
If you are a fan of using Python programming language, you can make your life easier by using Python Pip. It is a package management utility that allows you to install and manage Python software packages easily. Ubuntu doesn’t come with pre-installed Pip, but here…