How to secure your server?

N

nepster-web2014-02-04 15:19:23

System administration

nepster-web, 2014-02-04 15:19:23

Bought a server running CentOS. Recently, I began to notice from the logs that someone is constantly trying to pick up passwords for the root. And most likely someone succeeded, since hellish things began to happen with the loss of files, etc.
Please tell me how to secure your server:
1) is it possible to somehow close the root user and give root rights to another user?
2) is it possible to make it so that only the specified ip could log in to the server?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

D

Dan Ivanov, 2014-02-04
@nepster-web

Check /var/log/secure and see if anyone has logged in as root.
Change the password to one that cannot be guessed using a dictionary.
Run rkhunter
Monitor the secure log to see if anyone is trying to log in as service users and if service users have environments.

V

Vit, 2014-02-04
@fornit1917

In the sshd config, you can specify which users can log in via ssh. You can remove the root from there, log in under another one and then do su.
In the same place, you can change the sshd port from the 22nd to some other thread.
And you can generally configure authorization not by password, but by RSA keys. This will be completely safe.
> whether it is possible to make so that only the specified ip could become authorized on the server?
Through iptables for example