Improve your Linux server security with command line tools

Improve your Linux server security with command line tools

In today’s digital age, server security is an important issue that any business or individual needs to pay attention to. By strengthening your server's security, you can prevent malicious attacks and data leaks. Linux servers are widely used in various application scenarios because of their stability and customizability. In this article, we will introduce some command line tools that can help strengthen the security of your Linux server.

1. Fail2Ban

Fail2Ban is a tool for monitoring and responding to malicious behavior on your server. It can detect behaviors such as brute force logins, DDoS attacks, etc., and automatically block the attack source based on configured rules. The following is an example of installing and configuring Fail2Ban:

# 安装 Fail2Ban
sudo apt-get update
sudo apt-get install fail2ban
# 配置 Fail2Ban
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sudo vi /etc/fail2ban/jail.local
# 修改配置文件，设置需要监控和封锁的行为规则
[sshd]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = 3
bantime = 3600
# 重启 Fail2Ban 服务
sudo systemctl restart fail2ban

2. ClamAV

ClamAV is an open source anti-virus software that can be used to detect and remove malware, viruses, etc. . Here is an example of installing and using ClamAV:

# 安装 ClamAV
sudo apt-get update
sudo apt-get install clamav
# 更新病毒数据库
sudo freshclam
# 扫描指定目录
sudo clamscan -r /path/to/directory
# 或扫描全盘
sudo clamscan -r /
# 删除发现的恶意文件
sudo clamscan -r --remove /path/to/directory

3. Lynis

Lynis is a tool for assessing and improving the security of Linux systems. It can detect and fix potential security vulnerabilities, configuration errors, and more. Here is an example of installing and using Lynis:

# 安装 Lynis
sudo apt-get update
sudo apt-get install lynis
# 运行 Lynis
sudo lynis audit system

4. OpenVAS

OpenVAS is an open source vulnerability assessment tool that scans servers for vulnerabilities and security weaknesses. Here is an example of installing and using OpenVAS:

# 安装 OpenVAS
sudo apt install openvas
# 配置和初始化 OpenVAS
sudo greenbone-nvt-sync
sudo greenbone-scapdata-sync
sudo greenbone-certdata-sync
sudo openvasmd --create-user=admin
sudo openvasmd --user=admin --new-password=myadminpassword
sudo openvas-manage-certs -a
sudo openvasmd --rebuild
# 启动 OpenVAS 服务
sudo openvas-start
# 访问 OpenVAS Web 界面
http://localhost:9392

5. SSH Security Setup

SSH is a common protocol for logging into Linux servers remotely. In order to improve the security of the server, we can take the following measures:

• Prohibit root users from direct remote login
• Use key login instead of password login
• Restrict allowed logins IP address range
• Modify SSH default port

Please refer to the following sample configuration file/etc/ssh/sshd_config:

PermitRootLogin no
PasswordAuthentication no
AllowUsers your_username
Port 2200

Complete After the above settings, restart the SSH service: sudo systemctl restart sshd

Summary

By using the command line tools mentioned above, we can enhance the security of the Linux server. Remember, security is an ongoing process that requires regular review and updates. When using these tools, make sure you read the relevant documentation and configure them appropriately based on your actual needs. Maintaining the security of your server is crucial as a system administrator or server owner.

The above is the detailed content of Improve your Linux server security with command line tools. For more information, please follow other related articles on the PHP Chinese website!