Security

fail2ban

Important and sometimes tricky. Some hints:

  • If your iptables default policy is ACCEPT in the INPUT chain, use “CHAIN = FORWARD”
  • To activate mail, you need to set the default action to “action = %(action_mwl)s” or “action = %(action_mw)s”; mails are off by default!
  • If you have redirected ports via iptables, you need to block both, e.g. port = 3306,33306
  • [mysqld-auth]: MariaDB always logs to /var/log/syslog and /var/log/daemon, so set that as logpath
  • iptables -nvL # show packets
  • iptables -v -x -n -L # also shows packets
  • fail2ban-regex /var/log/auth.log /etc/fail2ban/filter.d/sshd.conf # test whether the regex matches
  • fail2ban-client status
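
A small lint for three of the hints above (mail action, redirected ports, mysqld-auth logpath), added here as an example and not part of the original page. The jail.local and iptables-save contents are constructed samples, the function names are hypothetical, and ports are assumed to be a plain comma-separated list.

```python
import configparser
import re

# Constructed sample inputs (not taken from a real host).
IPTABLES_SAVE = """\
*nat
-A PREROUTING -p tcp -m tcp --dport 33306 -j REDIRECT --to-ports 3306
COMMIT
"""
JAIL_LOCAL = """\
[DEFAULT]
action = %(action_)s

[mysqld-auth]
enabled = true
port = 3306
logpath = /var/log/mysql/error.log
"""

REDIRECT_RE = re.compile(r"--dport (\d+) .*-j REDIRECT --to-ports (\d+)")
MAIL_ACTIONS = ("%(action_mw)s", "%(action_mwl)s")
MARIADB_LOGS = {"/var/log/syslog", "/var/log/daemon"}  # paths as given on the page


def redirect_pairs(iptables_save):
    """Return a {dport, to_port} set for every REDIRECT rule in the dump."""
    return [set(m.groups()) for m in REDIRECT_RE.finditer(iptables_save)]


def lint(jail_text, iptables_save):
    """Return a list of findings; an empty list means all three hints are met."""
    # interpolation=None keeps fail2ban's %(...)s references as plain text
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read_string(jail_text)
    pairs = redirect_pairs(iptables_save)
    findings = []
    if cfg.defaults().get("action", "").strip() not in MAIL_ACTIONS:
        findings.append("DEFAULT: action sends no mail")
    for name in cfg.sections():
        jail = cfg[name]
        if not jail.getboolean("enabled", fallback=False):
            continue
        ports = {p.strip() for p in jail.get("port", "").split(",")}
        for pair in pairs:  # a jail that names one side must name both
            if ports & pair and not pair <= ports:
                findings.append(f"{name}: port misses {','.join(sorted(pair - ports))}")
        if name == "mysqld-auth" and not set(jail.get("logpath", "").split()) & MARIADB_LOGS:
            findings.append("mysqld-auth: logpath not a syslog file")
    return findings
```

On a real host, feed it the contents of your jail.local and the output of iptables-save instead of the samples.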

apparmor

Fix for the Debian bug: Failed to start LSB: AppArmor initialization.

In /etc/default/grub, set:

GRUB_CMDLINE_LINUX="elevator=deadline rootflags=noatime,ssd apparmor=1 security=apparmor"

Then run:

update-grub
reboot
aa-status

Install more profiles:

apt-get install apparmor apparmor-profiles apparmor-utils

more info:

linux/security.txt · Last modified: 2016/10/20 00:56 by tkilla