Sau khi cài đặt Linux, các phần mềm cần thiết cần cấu hình bảo mật như sau:
ssh
- Set a banner message
- Configure Idle Timeout Interval
- Disable Empty Passwords
- Limit Users’ SSH Access
- Limit Login/Access Attempts
- Disable Root Logins
- Only Use SSH Protocol 2
- Use Another Port
- Allow Only Specific Clients
- Enable Two-Factor Authentication
- Use Public/Private Keys for Authentication
- Turning Off TCP Port Forwarding and X11 Forwarding
- IP Restrictions for SSH Connections
- Thwart SSH crackers/brute force attacks: Fail2ban
Firewall
- /etc/firewalld