Toughening the defences of your Linux server

These days, keeping your network activities safe from attacks is vital, as we're being warned all the time that cyber crime and malware is constantly on the rise. Obviously, having strong anti-malware software in place is a must, but if you're using Linux-based dedicated servers or Cloud VPS, there are several things you can do to keep your system  safe. Some of these have been highlighted this week by IT World. The publication noted its tips are intended to apply specifically to servers running Red Hat Enterprise Linux (RHEL) 5, but most of its suggestions can be used on almost any Linux-based distribution, as well as many Unix options.

Keep your software lean

The internet news provider explained the more applications you have installed on a server, the more potential vulnerabilities you open yourself up to. Therefore, for the best protection, it was recommended you restrict the tools you add, maintain what is clearly required and actively keep an eye out for new vulnerabilities.
It added: "The more critical a server, the less tolerance you should have for anything beyond the essential services."

Encrypt your data

Ensuring any information passed over a network seems obvious, but you'd be surprised how many people are still using protocols that don't encrypt key details such as passwords.
It was noted it's not difficult for an individual to download and use tools to monitor this data and capture sensitive information, so it you aren't taking basic precautions, you've only got yourself to blame if you suffer a breach.

Maintain user accounts

IT World added you need to keep a close eye of who has access to your servers. It stressed the importance of deleting or at least disabling unused accounts as quickly as possible - ideally as soon as an individual leaves an organisation or moves to another project.

Related to this, you also need to create and enforce a good password policy. On RHEL, there are inbuilt password complexity controls that will ensure they users do not pick weak passwords for themselves - for example by mandating on minimum length and a mix of character types.

It was noted these are just some of the basic general principles you need to be following, as there as many things you can do to keep your servers secure.