Template:Menu content security
Contents
Security
How to secure your server / workstation ?
Global security
Internet security
SSH
SSH
- SSH server setup
- SSH server using local user / password auth.
- SSH server using key auth.
- SSH server using LDAP user auth.
- SSH server using LDAP key auth.
Firewall
This section explains HOW to create, maintain and use a firewall with IpTables.
| Firewall | |
|---|---|
| Basics | Firewall principle |
| Firewall basics | |
| Firewall core (main) protocols | |
| Firewall VPN | |
| Firewall OUTPUT filters | |
| Firewall INPUT filters | |
| Firewall log dropped | |
| Advanced | Firewall port forwarding |
| Firewall source address filtering | |
| Installation and scripts | Firewall installation scripts |
SSH can also be used to create a [VPN tunnel over SSH]
You can also try to setup the interactive firewall: DouaneAPP (http://douaneapp.com/)
apt-get install build-essential
apt-get install dkms
apt-get install libboost-filesystem-dev libboost-regex-dev libboost-signals-dev policykit-1 libdbus-c++-dev libdbus-1-dev liblog4cxx10-dev libssl-dev
apt-get install libboost-signals-dev libdbus-c++-dev libdbus-1-dev liblog4cxx10-dev libgtkmm-3.0-dev
apt-get install gtk+3.0 python3 python3-gi policykit-1 python3-dbus>> Official Douane website: https://github.com/Douane/Douane
SSL
SSL certificates and chain of trust
VPN
Virtual Private Network (VPN)
Remote desktop
Remote desktop
Intrusion Detection / Protection
Protection is good, but that's not enough! We need to detect attacks.
- IDS = Intrusion Detection System : tool that detect attacks.
- IPS = Intrusion Protection System : detect an intrusion attempt and react upon it.
I'm using one of the most famous IDS: "Snort" (https://www.snort.org/).
Crontab
To run some task / scripts periodically
