Friday, July 10, 2009

HOWTO : Secure Ubuntu 9.04 Server in a passive way

Part 1

When root or sudoers access the server, you will be informed. It will also alert you when crackers gain rights of your server.

Add the following to the top of the file /root/.bashrc or sudoer's account and you will be informed by email when the root or sudoer account is being accessed.

echo -e "Root Shell Access on `tty` \n `w`" | mail -s "Alert: Root Access" samiux@gmail.com

or

echo -e "Sudoer Shell Access on `tty` \n `w`" | mail -s "Alert: Sudoer Access" samiux@gmail.com

Part 2

The official port of SSH is 22. You can change it to any port that between 1024 and 65535. You can do it at the router or firewall and you can do it at the configure file of SSH at /etc/ssh/sshd_config. You are recommended to disable the root account login via SSH even you are using Ubuntu.

Port 65535
PermitRootLogin no

sudo /etc/init.d/sshd restart
That's all. See you!