10 Tips for Hardening your Linux Servers

preview_player
Показать описание
For the first episode in my Enterprise Linux Security series, I go over 10 tips for hardening your Linux servers. This video includes some important suggestions to take into consideration for your infrastructure, that will serve as a foundation for future episodes. As the series continues, we'll explore more concepts in-depth.

# LearnLinuxTV Links
🐧 Main site:

🐧 LearnLinuxTV Community:

# Support LearnLinuxTV (commission earned)
📖 Check out Jay's latest book, Mastering Ubuntu Server 4th Edition. Covers Ubuntu 22.04!

🙌 Support me on Patreon and get early access to new content!

☁️ Check out KernelCare Enterpise and patch your servers in real-time:

☁️ Support LearnLinuxTV and Set up your own cloud server with Akamai Connected Cloud:

🛒 Affiliate store for Linux compatible hardware/accessories (commission earned):

💻 Check out the Tiny Pilot KVM for your Homelab (commission earned):

# About Me
🐦 Follow me on Twitter!

👨 More about me:

# Recommended evergreen videos:
💽 How to create a bootable flash drive for installing Linux

🐧 OpenSSH Guide

📖 LVM Deep-dive:

🔐 How to better secure OpenSSH:

☁️ How to create a cloud Linux server with Linode:

*📘 FAQ*

#Server #Linux #Security
  1. Learn Linux TV
  2. Linux
  3. Tutorial
  4. Review
  5. Howto
  6. Guide
Рекомендации по теме
10 Tips for 0:22:48

10 Tips for Hardening your Linux Servers

10 Steps to 0:14:21

10 Steps to Hardening Your Home Against Wildfire

Home Security - 0:04:34

Home Security - How to Harden Your Home With Navy SEAL 'Coch'

Windows 10 Hardening 0:10:36

Windows 10 Hardening

Tips on hardening 0:16:29

Tips on hardening your security software

5 Steps to 0:23:15

5 Steps to Secure Linux (protect from hackers)

The COMPLETE Linux 0:18:58

The COMPLETE Linux Hardening, Privacy & Security Guide!

What is server 0:08:43

What is server hardening ? Few Tips for hardening your servers by Luv Johar

👉 This #1 0:39:11

👉 This #1 VITAMIN AFTER 50 is a TRUE MIRACLE for Improving Your Blood Circulation in Legs and Feet...

Network Fundamentals 12-10: 0:09:41

Network Fundamentals 12-10: Hardening Techniques

10 Tips and 0:05:34

10 Tips and Tricks for EVA Foam!

The Top 10 0:21:16

The Top 10 Things to Do After Installing Kali Linux on Your Computer [Tutorial]

System Hardening - 0:10:40

System Hardening - CISSP

Home Hardening Tips: 0:01:04

Home Hardening Tips: Windows & Outdoor Plants

BEST WINDOWS HARDENING 0:37:09

BEST WINDOWS HARDENING TOOLS | ConfigureDefender, HotCakeX, HardeningKitty - Setup Guides

Use strong and 0:01:23

Use strong and unique password | Hardening linux server

10 Easy & 0:12:37

10 Easy & Inexpensive Hacks to Burglar-Proof Your Home

Top Tips to 0:11:58

Top Tips to Secure A PC | Cybersecurity Hardening & Security (Part 3/4)

Maurizio Pelizzone: WordPress 0:10:38

Maurizio Pelizzone: WordPress Hardening – Ten tips in ten minutes

CompTIA Network+ N10-008 0:04:38

CompTIA Network+ N10-008 OBJ 4.3 Network Hardening Techniques part 1

In the Kitchen 0:01:02

In the Kitchen - Seasoning a Stainless Steel Pan

Nail Dipping Powder 0:00:41

Nail Dipping Powder Troubleshooting - Prevent Brushes From Hardening

10 easy steps 0:06:41

10 easy steps to prevent home invasions

Network Hardening - 0:19:15

Network Hardening - N10-008 CompTIA Network+ : 4.3

Комментарии
Автор

01 # 02:42 #  Number 1 : Adjust your mindset
02 # 04:59 #  Number 2 : Patch your servers (and no excuses)
03 # 07:59 # Number 3 : Strengthen your passwords
04 # 09:10 # Number 4 : Don't open services to the public internet (unless you have no other choice)
05 # 11:32 # Number 5 : Lock down SSH
06 # 13:41 # Number 6 : Implement as many as layers of security as possible
07 # 15:12 # Number 7 : Implement reliable backups that are fully tested
08 # 16:57 # Number 8 : Take advantage of monitoring tools
09 # 18:41 # Number 9 : Consider a third party security audit
10 # 20:02 # Number 10 : Implement a business continuity plan

NodeNomad
Автор

I love it that you think of backups and continuity as security issues. I've worked for too many companies where that wasn't the case. However there was one that I worked that was in the process of designing their own self-healing environment. Really appreciate that they were pushing forward with that idea.

unattributed
Автор

Jay, a video on monitoring tools would be nice. Thanks and keep up the great work.

drmikeyg
Автор

As an aspiring Linux System Administrator, this video is invaluable. Thank you

stefandevos
Автор

Doing vulnerability scans should be on this list.

fredtheilig
Автор

Great video Jay. A multi part on Locking down a public facing server to maybe DOD levels would be great. Your common sense approach is refreshing.

wekiwa
Автор

great..but plz add timeline in future videos

here_is_pacific
Автор

Going into my second year into System Administration, I'm very much thankful for your information. I will be looking forward to apply them in my company's servers.

abdalla
Автор

Enjoy your content Jay - as always. One of the best Linux channels on Youtube, and with recent content - probably the best IMHO. Really looking forward to this series.

natem
Автор

Thanks Jay! One of the big questions I've always had is around item 7--tested backups. I have basic systems like Deja Dup that does my desktop backups to a second disk in the machine and to a NAS on my network (still need an offsite/cloud option in the mix), but my question around this is always about testing the backups. How? Do I just run the restore and wait to see if it throws an error? Does that risk corrupting my existing data? What other way is there to test a backup properly then?

Love the idea for this latest series!

KevinLyon
Автор

Great video 👍 you could elaborate on the 10 points more in the upcoming videos.

strg
Автор

10:40 I learned this lesson today. I was setting up an instance to test for database replication. I don't have much knowledge about all the ports setting, so I set it to listen to public. In just few hours my log files were filled with all kinds of suspicious activities. After googled I realized these are mining virus. Public internet is scary. 😂

cjt
Автор

Good growth of the channel. Hard work and consistency paying of.

peterjansen
Автор

You really found your speciality.. Excellent videos. Best for your success!

SupraRyu
Автор

i feel Patching techniques for different servers should be the next

akshayvyas
Автор

Keeping server up to date is important, although it's worth noting auto-updates can break your server and your service could be down for some time before fixing it

QuarKSonTV
Автор

In addition to patching the OS, don't forget about driver & firmware updates.

jschucke
Автор

I think the wording you were looking for is that you were not looking to incite baseles panic. It is always good to know that you don't know what you don't know, which can be scary when you have a lot hanging on the line.

BloodAsp
Автор

Plans vs accessibility: in the DMZ [needs a public IP] vs behind a NAT firewall vs only accessed externally via VPN.

fullscaleme
Автор

18:09 This is what I do for public facing servers. Basically no one should be logged into them, so I've got NCPA running a user check every 30 seconds, and sending that information back to Nagios. For the reverse scenario, a server where you expect a lot of user traffic, you can enable State Stalking on a User List service check, that way when someone does log in, Nagios records who logged in, and you have it down to inside of a minute when they logged in, and what the username was.

praecorloth