2009/10/21 Peter Adam Kelly <pe...@thatwilldo.com>: > Thanks loads for the info, > > I am brushing up on my knowledge of network security, I have some Ubuntu > dedicated and VPS servers and of course I want them as strong as can be, any > more links or info would be appreciated. > > Cheers
Something which I've suggested on another thread in here, so you may have already read, is installing fail2ban on any servers with public-facing ports. By default it is set up to monitor ssh auth logs, and it can be configured to monitor any type of logs you want, with several pre-built watchers provided that just need enabling. fail2ban combined with strong passwords is significantly better than just strong passwords. Another thing I would suggest is if at all possible do not run an FTP service (unless it is just anonymous FTP). FTP is a clear text protocol, which means when you send your password it is sent in plain text. Anyone that is between you and your server could theoretically intercept your password, and then use it to connect to your server themselves. use SFTP instead (SFTP is file transfer via SSH, it's not as related to FTP as it sounds). Other than that, just keeping your systems up to date with the latest versions of packages should keep you secure against most attacks that might come your way :-). -- Matt Wheeler m...@funkyhat.org -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
