Securing SSH on CentOS 7.4

Yeah! Let’s do some more CentOS 7.4 hardening with SSH. Last hardening post was all about OSSEC. Now something that I set up months ago, and pretty secure as a matter of fact, but nevertheless could use a bit of tweaking. As said, I think my config was rather secure already but in the last…

Install OSSEC 2.9.2 IDS on CentOS 7.4

I’ve been doubting for days which IDS/IPS (Intrusion Detection System/Intrusion Prevention System) to use. Options included, but were not limited to, Fail2Ban, Snort, Tripwire and Suricata. Eventually I’ve decided to install and test the OSSEC IDS software. Fail2Ban seems old and limited, Snort is by Cisco (which made me doubt the willingness to invest in the…

Install Linux Malware Detect on CentOS 7.4

Following the installation of Rootkit Hunter, today we’re going to install Linux Malware Detect (LMD). LMD is going to use ClamAV which we installed here. This is all part of a couple of security-related posts I’m having fun with. And not only having fun with, it’s absolutely necessary. To give you two very recent…

Install ClamAV on CentOS 7.4

OK awesome. We’re having our first non-standard CentOS security mechanism in place. It’s running, sending me reports and stuff, and I’m testing all kinds of things with the rkhunter setup. As simple as it is, it’s pretty valuable. Today I want to install ClamAV. I’m going to install Linux Malware Detect (LMD) to help harden…

Install Rootkit Hunter on CentOS 7.4

After a couple of nice, interesting and random posts we’re going to grit our teeth in a couple of important security related posts. First on the list is Rootkit Hunter, or rkhunter for short. So security. Where to begin..? On my CentOS 7 boxes there is the firewall and SELinux in enforcing mode. Configuring this…

Install SSL certificate in Nginx

Now that I’m getting a good grasp on Apache I’m being forced to get familiar with its nemesis Nginx as well. Don’t get me wrong: I don’t mind it at all, I’ve heard it is blazing fast in comparison with Apache, but it is another world entirely. That being said, I have to install a…

SSH keys vs passwords

So I might be managing many Linux machines in the near future and one thing that is on my mind already: use passwords or SSH keys to log in? As you might have noticed I’m getting more and more into the security aspect of Linux. This and this should be the start of such a ‘project’…

CentOS firewall-cmd examples

Also part of the TO DO list is to check my firewall configuration. The firewall in my CentOS box is firewalld which can be controlled with the command firewall-cmd. I’ve needed it often in the past to simply add or remove ports after configuring services and/or restart the firewall. Somehow the syntax won’t stick in…

Zimbra – Enable SELinux

First of all, from my TO DO list, is the thing that bugged me the most: SELinux and Zimbra. I’m sticking with Zimbra for now, so it better be secure. In the past I’ve complained a couple of times that to be able to run Zimbra on a CentOS box, you have to disable SELinux….

Check md5 hashes

A simple but important tip. From the Linux command line you can easily check the md5 hash of every file. From Wikipedia: The algorithm is a widely used hash function producing a 128-bit hash value. Although it was initially designed to be used as a cryptographic hash function, it has been found to suffer from…
