See also: 9 Tips To Protect Linux Servers Physical Console Access . 16. Disable Unwanted Linux Services Disable all unnecessary services and daemons (services that runs in the background). You need to remove all unwanted services from the system start-up. Type the following command to list all services which are started at boot time in run level # 3: # chkconfig --list | grep '3:on' To disable service, enter: # service serviceName stop # chkconfig serviceName off A note about systemd based Linux distro and services Modern Linux distros with systemd use the systemctl command for the same purpose. PRINT A LIST OF SERVICES THAT LISTS WHICH RUNLEVELS EACH IS CONFIGURED ON OR OFF # systemctl list-unit-files --type=service # systemctl list-dependencies graphical.target TURN OFF SERVICE AT BOOT TIME # systemctl disable service # systemctl disable httpd.service START/STOP/RESTART SERVICE # systemctl disable service # systemctl disable httpd.service Get status of service # systemctl status service # systemctl status httpd.service VIEWING LOG MESSAGES
# journalctl # journalctl -u network.service # journalctl -u ssh.service # journalctl -f # journalctl -k 17. Find Listening Network Ports Use the following command to list all open ports and associated programs: netstat -tulpn OR use the ss command as follows : $ ss -tulpn OR nmap -sT -O localhost nmap -sT -O server.example.com Top 32 Nmap Command Examples For Sys/Network Admins for more info. Use iptables to close open ports or stop all unwanted network services using above service and chkconfig commands. update-rc.d like command on Redhat Enterprise / CentOS Linux . Ubuntu / Debian Linux: Services Configuration Tool to Start / Stop System Services . Get Detailed Information About Particular IP address Connections Using netstat Command. 18. Delete X Window Systems (X11) X Window systems on server is not required. There is no reason to run X11 on your dedicated Linux based mail and Apache/Nginx web server. You can disable and remove X Windows to improve server security and performance. Edit /etc/inittab and set run level to 3. Finally, remove X Windows system, enter: # yum groupremove "X Window System" On CentOS 7/RHEL 7 server use the following commands: # yum group remove "GNOME Desktop" # yum group remove "KDE Plasma Workspaces" # yum group remove "Server with GUI" # yum group remove "MATE Desktop" 19. Configure Iptables and TCPWrappers based Firewall on Linux Iptables is a user space application program that allows you to configure the firewall (Netfilter) provided by the Linux kernel. Use firewall to filter out traffic and allow only necessary traffic. Also use the TCPWrappers a host-based networking ACL system to filter network access to Internet. You can prevent many denial of service attacks with the help of Iptables: How to setup a UFW firewall on Ubuntu 16.04 LTS server How to set up a firewall using FirewallD on RHEL 8 Linux: 20 Iptables Examples For New SysAdmins CentOS / Redhat Iptables Firewall Configuration Tutorial Lighttpd Traffic Shaping: Throttle Connections Per Single IP (Rate Limit)
You've reached the end of your free preview.
Want to read all 15 pages?
- Spring '20