Hardening SSHD for Security

The secure shell daemon should be hardened to prevent unauthorised access before being put into a production environment or exposed to the internet. 1. Verify the /etc/ssh/sshd_config file contains the following lines and that they are not commented out: Should you have any questions, comments or suggestions, please don’t hesitate to comment below. If you… Read more »

Secure Administrator account in Active Directory

Securing the Administrator account in Active Directory You may be thinking this should be common knowledge but time and time again I see directories with the Administrator account still in the “Domain Admins” group and active! Before you do this, ensure you are not using the domain administrator account for authenticating! I always follow a… Read more »

How to install and configure fail2ban on Linux

How to install and configure fail2ban Reducing your attack area is ideal but in the situations where you need to expose services to the wild, you should reduce the effectiveness of attacks, this is where Fail2Ban comes in handy, it constantly reads logs you specify in the configuration file for multiple user pass attempts, if… Read more »

How to disable root SSH logins

How to disable root SSH logins One of the biggest security holes you could open on your Linux server is to allow directly logging in as root through ssh, because any cracker can attempt to brute force your root password and potentially get access to your system. It’s much better to have separate account that… Read more »