Basic Security
@ Updates
-Update manager
-Enable automatic security updates (Update Setting)
=> Super (Windows) key => type the keyword (System Setting) =>
@ Firewall
-In Ubuntu all ports are blocked by default
-Default firewall: ufw (turned off by default)
+sudo ufw status
+sudo ufw enable (or: sudo ufw disable)
-Firestarter for graphical interface (recommended)
+sudo apt-get install firestarter
+Preferences
@ User Accounts
-User & Groups
+Disable guest user
-Do not use root user (disabled by default)
+sudo passwd
+sudo passwd -l root (lock the root password)
-Use sudo instead of root (/etc/sudoers)
+sudo visudo OR sudo gedit /etc/sudoers (to set which users are authorized for privileges)
+sudo adduser tolaleng sudo
-Deleting Users
+sudo deluser canamall
-Removing world readable permission to home directory
+sudo chmod 0750 /home/username
-Locking/Unlocking user
+sudo passwd -l username (lock the user's password)
+sudo passwd -u username (unlock the user's password)
-Passwords
+sudo chage canamall (set the password expiration)
+sudo chage -l canamall (show the password expiration)
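A way to check the home-directory permission item above across all accounts (added example, not part of the original notes). The sample directory tree and the function names are assumptions made for illustration; on a real host, pass /home to audit_homes.

```bash
#!/usr/bin/env bash
# Added example: list home directories that are more permissive than 0750.

# Print "<mode> <path>" for each directory directly under $1 that grants
# group-write or any permission to "other" (anything beyond 0750).
audit_homes() {
    local root=$1 dir mode
    for dir in "$root"/*/; do
        [ -d "$dir" ] || continue          # also covers an empty glob
        dir=${dir%/}
        [ -L "$dir" ] && continue          # skip symlinks, their own mode is meaningless
        mode=$(stat -c '%a' "$dir")        # GNU stat, octal mode such as 755
        # Mask 027 = group write (020) + other read/write/execute (007).
        if [ $(( 0$mode & 027 )) -ne 0 ]; then
            printf '%s %s\n' "$mode" "$dir"
        fi
    done
}

# Build a constructed sample tree (not real accounts) and print its path.
make_sample_homes() {
    local root
    root=$(mktemp -d)
    mkdir "$root/alice" "$root/bob" "$root/carol"
    chmod 0755 "$root/alice"   # world-readable: flagged
    chmod 0750 "$root/bob"     # the mode recommended in these notes
    chmod 0700 "$root/carol"   # stricter than recommended: not flagged
    printf '%s\n' "$root"
}

sample=$(make_sample_homes)
audit_homes "$sample"          # reports only the 755 directory
rm -rf "$sample"
```

Each reported directory can then be corrected with the chmod 0750 command listed above.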
@ Antivirus
-ClamTk (under Accessories), other anti-virus
@ Uninstall Applications
-Ubuntu Software Center -> Installed software section -> Select application and click Remove
@ Processes
-To see processes
+ps aux or top
+system monitor (cacti, nagios)
@ Logs
-Some of the logs
+ /var/log/messages : general log messages
+ /var/log/boot : system boot log
+ /var/log/debug/ : debugging log messages
+ /var/log/auth.log : user login and authentication logs
+ /var/log/daemon.log : running services such as squid, ntpd and others log messages to this file
+ /var/log/kern.log : kernel log file
-Viewing logs
+ tail, more, cat, less, grep
+ GNOME system log viewer
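Going one step beyond grep on /var/log/auth.log, the following added example (not part of the original notes) counts failed SSH password attempts per source address. The log lines are constructed in the usual sshd syslog format, and the function names and the threshold of 3 are assumptions.

```bash
#!/usr/bin/env bash
# Added example: summarize failed SSH password attempts in an auth.log-style file.

# Constructed sample lines (not from a real host).
write_sample_log() {
    cat <<'EOF'
Mar 10 08:01:12 host sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 51122 ssh2
Mar 10 08:01:15 host sshd[1201]: Failed password for root from 203.0.113.7 port 51124 ssh2
Mar 10 08:02:40 host sshd[1210]: Accepted password for tolaleng from 198.51.100.20 port 40022 ssh2
Mar 10 08:03:02 host sshd[1215]: Failed password for tolaleng from 198.51.100.20 port 40030 ssh2
Mar 10 08:03:09 host sshd[1216]: Failed password for invalid user test from 203.0.113.7 port 51130 ssh2
Mar 10 08:05:00 host sudo: tolaleng : TTY=pts/0 ; PWD=/home/tolaleng ; USER=root ; COMMAND=/usr/bin/apt-get update
EOF
}

# Print "<count> <source-ip>" for failed password attempts, busiest source first.
failed_logins_by_source() {
    awk '
        /sshd\[[0-9]+\]: Failed password for / {
            src = ""
            # Use the last "from" so a username spelled "from" cannot shift the field.
            for (i = 1; i < NF; i++) if ($i == "from") src = $(i + 1)
            if (src != "") count[src]++
        }
        END { for (s in count) print count[s], s }
    ' "$1" | sort -k1,1nr -k2,2
}

# Print only the sources with at least $2 failures in log file $1.
over_threshold() {
    failed_logins_by_source "$1" | awk -v min="$2" '$1 >= min { print $2 }'
}

log=$(mktemp)
write_sample_log > "$log"
failed_logins_by_source "$log"
over_threshold "$log" 3
rm -f "$log"
```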
=> Security Host
* Create a standard user and enable the user password (password complexity, strong password, password expiry, invalid day of password, lock and unlock user, disable guest user)
* Secure remote network and host
-Telnet (secure with the host and address connection)
-SSH (secure with the authentication encryption key)
=> Security Backup (Data Hosting)
* Make a full backup of your machine
-Aptik (backup application)
-rsync (remote sync)
-Gsync (remote)
-Amanda
-Rsnapshot
@ Firewall
-Other ways: configure iptables to filter packets/ports
* First, drop the packets or services
* Allow the host to ping the Internet and use the local and ISP DNS
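The iptables policy outlined above (drop by default, then allow ping to the Internet and DNS to the local and ISP resolvers), written as a ruleset generator. This is an added example, not part of the original notes; the resolver addresses are placeholders from documentation ranges, and the loopback and established-connection rules are assumptions needed for replies to get back in.

```bash
#!/usr/bin/env bash
# Added example: emit an iptables-restore ruleset for the policy in these notes.

# Arguments: DNS resolver IPv4 addresses (local and ISP).
build_ruleset() {
    local dns
    for dns in "$@"; do
        # Reject anything that is not digits and dots before it reaches the ruleset.
        case $dns in
            ''|*[!0-9.]*) echo "bad resolver: $dns" >&2; return 1 ;;
        esac
    done
    printf '%s\n' '*filter' \
        ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' ':OUTPUT DROP [0:0]' \
        '-A INPUT -i lo -j ACCEPT' \
        '-A OUTPUT -o lo -j ACCEPT' \
        '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT' \
        '-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT' \
        '-A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT'
    for dns in "$@"; do
        # DNS uses UDP normally and TCP for large answers.
        printf '%s\n' "-A OUTPUT -p udp -d $dns --dport 53 -j ACCEPT" \
                      "-A OUTPUT -p tcp -d $dns --dport 53 -j ACCEPT"
    done
    printf '%s\n' 'COMMIT'
}

# Placeholder resolvers: replace with the real local and ISP DNS servers.
build_ruleset 192.0.2.53 198.51.100.53
```

Check the output with `sudo iptables-restore --test` before loading it; services beyond ping and DNS (for example inbound SSH or outbound updates) need their own ACCEPT rules under this default-drop policy.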
@ User Accounts
-Removing world readable permission to home directory
+sudo chmod 0750 /home/username
***When other users log in and try to access this directory, they will not be permitted into this home folder.
=> Security Application
* Disable Unwanted Services
* Services and port security (/etc/services)
The port numbers are divided into three ranges:
1. Well Known Ports: those from 0 through 1023
2. Registered Ports: those from 1024 through 49151
3. Dynamic and/or Private Ports: those from 49152 through 65535
• 21: FTP Server
• 22: SSH Server (remote login)
• 25: SMTP (mail server)
• 53: Domain Name System (Bind 9 server)
• 80: World Wide Web (HTTPD server)
• 110: POP3 mail server
• 143: IMAP mail server
• 443: HTTP over Transport Layer Security/Secure Sockets Layer (HTTPS server)
• 445: microsoft-ds, Server Message Block over TCP
=> Backup Ubuntu File Database
=> Apply all New System Updates
=> Monitoring system
=> Encrypt Data Communication (File Sharing, FTP, SSH)
#Managing File System Security
#User and Group Administrations
#Package Management