fr33.info

User Tools

Site Tools

linux:security

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision 		Previous revision
linux:security [2016/10/07 17:42]
tkilla created 		linux:security [2016/10/20 00:56] (current)
tkilla
Line 1: Line 1:
 ====== Security ====== ====== Security ======
 +
 +===== fail2ban =====
 +
 +Important and sometimes tricky. some hints:
 +
 +  * if your iptables default policiy is ACCEPT in INPUT chain, use "CHAIN = FORWARD"
 +  * to activate mail, you need to set the default action to: "action = %(action_mwl)s" or "action = %(action_mw)s" - mails are off by default!
 +  * If you have redirected ports via iptables, you need to block both, like port     = 3306,33306
 +  * [mysqld-auth] mariadb always logs to /var/log/syslog and /var/log/daemon, so set that as logpath
 +  * iptables -nvL # show packets
 +  * iptables -v -x -n -L # ..too
 +  * fail2ban-regex /var/log/auth.log /etc/fail2ban/filter.d/sshd.conf   # test, if reges matchs
 +  * fail2ban-client status
  
 ===== apparmor ===== ===== apparmor =====
Line 12: Line 25:
   reboot   reboot
   aa-status   aa-status
 +
 +install more profiles:
 +
 +  apt-get install apparmor apparmor-profiles apparmor-utils
 +
 +
 +more info:
 +  * https://wiki.debian.org/AppArmor/HowToUse
linux/security.1475854935.txt.gz ยท Last modified: 2016/10/07 17:42 by tkilla

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki