|
|
|||||||
| VPS Forum Virtual Private Server Talk |
 |
|
|
LinkBack | Thread Tools | Search this Thread | Display Modes |
24-05-09, 11:44 AM
|
#1 (permalink) |
|
Junior Member
Join Date: May 2009
Posts: 3
Credits: 198
Thanks: 0
Thanked 0 Times in 0 Posts
Rep Power: 0  |
Securing your new VPS
Hey Everybody,
Finding out your VPS has been hacked is like walking out to your car, and seeing the gaping hole where your stereo used to be. It hurts, bad. However there are plenty of steps you can take as a VPS owner to secure your setup. Most of these are fairly basic and can halt the majority of hacking attempts. If you need help setting up or configuring anything listed below, don't hesitate to contact support. Who knows, you could get lucky and get me for your tech! 1) Securing SSH SSH presents a unique problem. It is necessary for system administrators to manage their servers, and because of that it raises security vulnerabilities. For those of you who use cPanel / Plesk or Webmin-Usermin, you may not use SSH everyday, or at all. It is easy to forget about it. 1.1 don't login (or allow logins) to ssh as 'root' The user root is way, way to powerful to be allowed direct remote access. This does not mean you need to disallow root functions over ssh. In this setup another user is first used to login to ssh, and then the sudo command is used to allow root only operations. (Don’t worry, it’s not complicated... really it’s not First ssh in to your VPS (if you have to use root this time, so be it) at the prompt type the command Code: nano -w /etc/ssh/sshd_config this will open the Nano text editor and allow you to edit the ssh configuration find the line Code: # PermitRootLogin yes and change it to Code: PermitRootLogin no hit cntrl + x to exit Nano, then hit y and then enter to save the file Now, we need to make a user to login to SSH when root level functions need to be performed. when you are at the command line in ssh type the following command Code: useradd NewUserName -g wheel this will create a new user in the wheel group (change NewUserName to whatever you want this user to be called) Next run Code: passwd NewUserName and enter the new password for the user you just created Please Please Please use strong passwords, they are your first line of defense against hackers. Setting your password to doggie, is about the same as locking your front door with a q-tip and some scotch tape. Google "complex passwords" for some help picking one Now we need to edit the suddoers file. This file determines who is allowed to use the sudo command, and that is what will allow you to act like root, without actually using the root account. Since we added the new user to the wheel group, all we need to do in here is allow the wheel group to sudo. This is already in the file so all we need to do is remove the comment in front of it. Here is how Code: nano -w /etc/sudoers Find the line HTML Code: # Uncomment to allow people in group wheel to run all commands # %wheel ALL=(ALL) ALL and remove the # like so Code: # Uncomment to allow people in group wheel to run all commands %wheel ALL=(ALL) ALL again, hit cntrl -x, then y and then enter to exit and save the file Now, all you need to do is run the following command to restart ssh services and you done (you may get booted out of ssh after you run this command) Code: service sshd restart All set, you have no disallowed the root account to login through ssh. To login to ssh to perform root functions, use the following steps. SSH to your server using the username and password you created above, not root. Next type the following command Code: sudo su - This will bounce you up to root for the entire time you are logged in. Alternatively you can use sudo in front of any command to run just that command as root For ex. Code: sudo nano -w somefile.txt would open somefile.txt as the root user. 1.2 Changing the SSH port The standard port for SSH is 22, and hackers are well aware of this fact. Changing the ssh port is a great way to avoid some common brute force hacking attempts and the like. First ssh into your VPS (using the new account and password from above and then sudoing up to root) Edit the ssh config file Code: nano -w /etc/ssh/sshd_config Now, find the line labled Code: # Port 22 and change it to Code: Port zxy where zxy is any 4 digit number you wish, (note this number) hit cntrl + x to exit Nano, then hit y and then enter to save the file Now, you need to open up this new port in your VPSs firewall. If you dont know how to do this already, dont attempt it before consulting support. Simply open a support ticket, and we will have this port opened for you in half a jif, just make sure to include the port number you have set in the ticket. Now, restart sshd with the folowing command, and your all set. Remember to change the ssh port in whatever client ssh program you use to connect to your VPS. Code: service sshd restart |
|
|
|
04-07-09, 10:03 PM
|
#3 (permalink) | |
|
Administrator
Join Date: Aug 2008
Location: karachi
Posts: 751
Credits: 11,810
Thanks: 7
Thanked 38 Times in 35 Posts
My Mood:
Rep Power: 10 
|
Re: Securing your new VPS
Quote:
|
|
|
|
|
|
|
|
|
Advertisement
|
Sponsored links
|
|
| Bookmarks |
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | Search this Thread |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Securing Your Business with Cisco ASA and PIX Firewalls | syndicate | Applications Download | 0 | 06-11-08 11:46 AM |
| Securing Cisco Networking Devices (SND) v2.73 pass4sure dumps | syndicate | Applications Download | 0 | 13-09-08 10:00 AM |
Linear Mode
