scienceoss.com » security http://scienceoss.com useful tidbits for using open source software in science Wed, 26 May 2010 03:34:19 +0000 en hourly 1 http://wordpress.org/?v=3.3.1 A more secure SSH configuration http://scienceoss.com/a-more-secure-ssh-configuration/ http://scienceoss.com/a-more-secure-ssh-configuration/#comments Thu, 13 Mar 2008 03:25:49 +0000 ryan http://scienceoss.com/a-more-secure-ssh-configuration/ Some easy ways to configure SSH to be a little more secure:

Edit /etc/ssh/sshd_config as root.

  • Change the port (default is 22)
  • Change “PermitRootLogin yes” to “PermitRootLogin no”
  • AddUser username
  • save and quit
  • restart the ssh server: sudo /etc/init.d/ssh restart

More info here:
http://ubuntu-tutorials.com/2007/02/14/what-you-ought-to-know-about-securing-ssh/

]]> http://scienceoss.com/a-more-secure-ssh-configuration/feed/ 0 Check open ports http://scienceoss.com/check-open-ports/ http://scienceoss.com/check-open-ports/#comments Thu, 13 Mar 2008 03:17:23 +0000 ryan http://scienceoss.com/check-open-ports/ Are there any open ports that shouldn’t be open? Check with:

sudo netstat -tupl

Results in something like:


Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address    Foreign Address  State    PID/Program name
tcp        0      0 localhost:mysql  *:*              LISTEN  5077/mysqld
tcp        0      0 localhost:ipp    *:*              LISTEN  5001/cupsd
udp        0      0 *:32768          *:*                      5324/avahi-daemon:
udp        0      0 *:bootpc         *:*                      5875/dhclient
udp        0      0 *:mdns           *:*                      5324/avahi-daemon:

Kill the process that is using the port

kill (PID here)

List open files:

lsof -i

where the -i makes it list internet files.

]]> http://scienceoss.com/check-open-ports/feed/ 0