Automate SSH Key Rotation on Ubuntu with Ansible

Posted by & filed under Ansible, Hardening, Linux & Unix.

Overview Changing your SSH keys is as important as changing your underpants daily, running this script on a frequent basis will ensure access to the servers are changed on a regular basis. Use Ansible to do ssh key rotation in your sleep! Test Bed Ansible control server running Ubuntu 18.04 LTS Test server running Ubuntu… Read more »

Blocking Postfix traffic using Fail2ban

Posted by & filed under Fail2ban, Hardening, Postfix.

So if you are reading this then you have probably seen what appears to be every bot in China connecting to your Postfix server to attempt anything from relaying to auth attacking. Well, have I got the solution for you! Now before you implement this, I will warn you, this is very restrictive, it doesn’t… Read more »

Hardening SSHD for Security

Posted by & filed under Hardening, Linux & Unix.

The secure shell daemon should be hardened to prevent unauthorised access before being put into a production environment or exposed to the internet. 1. Verify the /etc/ssh/sshd_config file contains the following lines and that they are not commented out:

Should you have any questions, comments or suggestions, please don’t hesitate to comment below. If… Read more »

Secure Administrator account in Active Directory

Posted by & filed under Active Directory, Hardening.

Securing the Administrator account in Active Directory You may be thinking this should be common knowledge but time and time again I see directories with the Administrator account still in the “Domain Admins” group and active! Before you do this, ensure you are not using the domain administrator account for authenticating! I always follow a… Read more »