Month: August 2015
Protect Boot & Single user mode
Since physical security is the main factor in our security perspective, we all need to prevent unauthorised access to our Linux box. After we protect the BIOS, we all know that anyone can still reset the root password by accessing single user mode, so we have 3 ways to deal with this. The 1st is to disable single user mode entirely
SSH Tunnelling
The most famous method is to use the -D parameter of the ssh connection to bind a local port on your machine; this port tunnels back to our remote box, so our traffic is sent through that server. Example:
ssh -D 1337 root@remotebox
Then you can configure your application and browser to use your local IP 127.0.0.1 with port 1337.
Secure/Lock accounts with PAM tally2
pam_tally2 is a PAM module that keeps track of the number of failed login attempts for each user: it can reset the count on success and deny access if too many attempts fail. This module is unique because it covers not just remote connections but also the ttys and any other system login method, as it uses PAM. Example
Password policy with pam_cracklib
The cracklib PAM module checks a password against a dictionary list, lets you check the strength of the password, and lets you set rules to identify poor passwords. Here are the most important parameters for this module: minlen, minimal password length; dcredit, maximum number of digits; ucredit, maximum uppercase letters
Pluggable Authentication Modules
Linux comes with PAM modules that help you harden the running services and customise the security of each service as you need. PAM adds extra rules to control the user interface layers (Auth, Account, Session) for applications; the applications/services should be compiled with libpam.so. Here is an example for