Secure a server?

[StupidGlitch]

How much would a general "Securing a server" going to cost?

OR is it fairly simple with just afew lines via ssh?

The server it self, users won't be able to login via ssh btw.

Let me know please, it might come in handy for some users here.

 

[.:Raymond:.]

@GeeZus
It is never as easy as just a few lines in ssh. As for a price for a good job. Lots of big companies that do it charge by an hourly fee, so there really is no way to say. A rough ball park in my opinion for a proper job would be from 100 - 200+ atleast

 

[StupidGlitch]

for one single server or that monthly? o.O

 

[.:Raymond:.]

@GeeZus
One time fee for most places

 

[StupidGlitch]

Hmm, say i pay $100 to the person, then i chuck 10+ servers that be ok? lol

Just might come in handy this VERY SOON that's all.

 

[JamesVaporH]

For one how secure do you mean?

Their are multiple things you can do, but it all depends is their a panel?
Is their not a panel?
What OS is it?

When you say you don't want users to login via ssh do you mean ip access? Or would you rather change the port randomly and use a firewall like CSF to disable port scanning which would ban users who are scanning making it impossible to find the port.

Do you also need r00tkit advisors? Do you need custom auto kill scripts...

I can go through a list of a number of things which "can" be done to fully secure a server, But it depends on how much your willing to pay.

A lot of companies will charge by the hour unless you get a cheap wannabe who charge a monthly charge to "monitor" and secure your server which is a weekly once in a while check until something happens.

 

[StupidGlitch]

OK i see, let me explain it abit more then.

Say i've the following OS > Ubuntu

And i don't want users to be able to login via ssh

I shall the only one be able to login with the user's details into ssh.

Kinda get what i'm saying now?

 

[ibby]

have you ever heard of a guy named NewEraCracker? he is good.

 

[.:Raymond:.]

OK i see, let me explain it abit more then.

Say i've the following OS > Ubuntu

And i don't want users to be able to login via ssh

I shall the only one be able to login with the user's details into ssh.

Kinda get what i'm saying now?

This is not hard at all :P Contact me via msn I can do it for you for free )

 

[XSLTel]

OK i see, let me explain it abit more then.

Say i've the following OS > Ubuntu

And i don't want users to be able to login via ssh

I shall the only one be able to login with the user's details into ssh.

Kinda get what i'm saying now?

iptables -A INPUT ! -s xx.xx.xx.xx --dport 22 -j DROP

change xx.xx.xx.xx your IP.

 

[JamesVaporH]

have you ever heard of a guy named NewEraCracker? he is good.

He mainly does windows servers he is not a linux techy.

As for GeeZus this is something you can easily do yourself.

Learn deny and allow in iptables since you are using ubuntu.

First edit /etc/ssh/sshd_config to listen only on your server ip address

deny all traffic

iptables -A INPUT -p tcp -s 0/0 --sport 513:65535 -d ser.ver.ip.here --dport 22 -m state --state NEW,ESTABLISHED -j DROP

Accept from only your ip

iptables -A INPUT -s ! you.r.i.p -p tcp -m --dport 22 -j ACCEPT

edit: XSLTel pulled out a one liner :P well what he said should work.

 

[Gh0st]

have you ever heard of a guy named NewEraCracker? he is good.

As James said, NEC deals with Windows mainly.

 

[StupidGlitch]

iptables -A INPUT ! -s xx.xx.xx.xx --dport 22 -j DROP

change xx.xx.xx.xx your IP.

Only problem is..

My IP sometimes change's the last 2/3 digits from time to time.

How can i overcome that?

 

[JamesVaporH]

Change the ssh port to something else.

Never heard of a dedicated server having a dynamic ip?

 

[XSLTel]

iptables -A INPUT ! -s xx.xx.xx.xx/24 --dport 22 -j DROP

this will whitelist your whole IP range

xx.xx.xx.0 - xx.xx.xx.255

or here in xsltel staff using VPN to access servers more secure tbh. 1 IP only.

 

[JamesVaporH]

iptables -A INPUT ! -s xx.xx.xx.xx/24 --dport 22 -j DROP

this will whitelist your whole IP range

xx.xx.xx.0 - xx.xx.xx.255

or here in xsltel staff using VPN to access servers more secure tbh. 1 IP only.

White listing the entire subnet is a security risk.

Also using a vpn is very smart to use most companies do this for their office employees to only connect to their network.

But vpn's can be costly and at times fail if it is not your own private vpn.

 

[george101]

OK i see, let me explain it abit more then.

Say i've the following OS > Ubuntu

And i don't want users to be able to login via ssh

I shall the only one be able to login with the user's details into ssh.

Kinda get what i'm saying now?

to secure your ssh, first of all change the default ssh port

create another user, grant him remote login privilege and disable root login. next time login with that user and switch to root .

or better, disable password authentication and use password protected keys