QualityBeatsQuantity, posted January 31, 2015

Hey guys... I'd like to talk about security of my private server. Before going public, what do I need to take care of? What are the kinds of attacks and hacks that I can expect?

If we assume that the login details for server management are kept secret, important ports closed from public access, no backdoor in game file, and the server has hardware based DoS protection, what else is there?

This would've been much easier if I was an asshole myself and continually messed around with cheating and hacking. I have no experience whatsoever with malicious attempts, and this (sadly) isn't a good thing when it comes to running my own server.

Thanks in advance.

QualityBeatsQuantity (Author), posted February 2, 2015

The best help is when you help yourself. was a good find.

Ygritte, posted February 3, 2015

I will assume your server platform is a FreeBSD based one. "Security is a journey, not a destination", let's keep this in mind.

Probably/arguably the most abused service on a server is the sshd daemon, many and I mean MANY sysops run it with default settings and scratch their heads when funny things happen. Some configuration directives that should be set/modified follow, please feel free to add your own:

- have the daemon listen on a single address and different port per host, default are all addresses and port 22, think jails, you can/must have an instance running on the host and separate instances for every jail, independently
- disable root login, add your trusted users to wheel group so that they can su to root or use sudo to gain root privileges
- allow only certain users to connect (AllowUsers user1 user2 directive), use su or sudo, see above
- use key based logins only

Bruteforce attempts should be blocked at firewall level, sshguard does work together nicely with pf, ipfw, ipfilter, even iptables.

Jail your Internet facing services whenever you can (always).

Use kern.securelevel 3 sysctl but only and only when everything is set up and working the way expected, be very careful here, a superprocess can increase the secure level but cannot decrease it. A good reading can be the Handbook and/or security(7) man page online.

Read religiously the security advisories, what help is a tied down operating system if one runs on it backdoored/buggy or otherwise compromised applications? Compile your programs yourself whenever possible, you have access to sources, you can iron out bugs or can spot suspicious code that could/should make a security aware sysop raise an eyebrow.

Now, a scary reading for those who think security really exists: Reflections on Trusting Trust by Ken Thompson (it gets scary in Stage II, just read patiently).

... whatever you are, be a good one...
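
The sshd directives listed in the post above can be checked mechanically. The following is an added example, not part of the original thread: a POSIX sh function that audits the global section of an sshd_config. The function names, the address 192.0.2.10, port 2222 and the user names are constructed placeholders, and the KbdInteractiveAuthentication check goes one step beyond the post's list.

```sh
# Added example: audit the global section of an sshd_config (plain "Keyword value"
# lines). Unset directives are reported, so no build-specific default is assumed.
audit_sshd_config() {            # usage: audit_sshd_config [file]; stdin if no file
    awk '
    /^[ \t]*(#|$)/ { next }      # skip comments and blank lines
    {
        key = tolower($1); val = tolower($2)
        if (key == "match") exit                     # stop at the first Match block
        if (key == "challengeresponseauthentication") key = "kbdinteractiveauthentication"
        if (key == "port") { ports++; if (val == "22") p22 = 1 }
        if (key == "listenaddress") { listen++; if (val ~ /^(0\.0\.0\.0|\[?::\]?)(:[0-9]+)?$/) wild = 1 }
        if (!(key in first)) first[key] = val        # sshd uses the first value it reads
    }
    END {
        if (!listen) bad("ListenAddress not set, sshd listens on all addresses")
        else if (wild) bad("ListenAddress is a wildcard address")
        if (!ports || p22) bad("Port is 22 or not set")
        need("permitrootlogin", "no")
        need("passwordauthentication", "no")
        need("kbdinteractiveauthentication", "no")   # PAM can still ask for passwords here
        if (!("allowusers" in first)) bad("AllowUsers not set, logins are not limited to named users")
        exit (n > 0)                                 # status 1 when anything was found
    }
    function bad(msg) { print "FINDING: " msg; n++ }
    function need(k, want,    v) {
        v = (k in first) ? first[k] : "unset"
        if (v != want) bad(k " should be " want ", found " v)
    }' "$@"
}
sample_weak() { cat <<'EOF'
# constructed sample: untouched settings
Port 22
PermitRootLogin yes
PasswordAuthentication yes
EOF
}
sample_hardened() { cat <<'EOF'
# constructed sample: address, port and user names are placeholders
ListenAddress 192.0.2.10
Port 2222
PermitRootLogin no
AllowUsers user1 user2
PasswordAuthentication no
KbdInteractiveAuthentication no
EOF
}
sample_weak | audit_sshd_config || true
sample_hardened | audit_sshd_config && echo "hardened sample: no findings"
```

Run it per sshd instance, for example once on the host and once against each jail's own sshd_config, since each instance is configured independently.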