Linux Security Tools for System Administrator

Linux is best in security, but we have to enable this after installation with some basic tools. Here I’m going to enable the security with iptables and also going to show how to check for leakage in the security.

Enabling Linux Security

The most basic tools to secure the server is iptables, which is the core part in the linux server. I’m going to control the iptables with the ufw tool.

Installing UFW

If you are in ubuntu, then it’s already there. But for Debian or other variants, can install from these commands.

#UBUNTU/DEBIAN
sudo apt install ufw
#ARCH
sudo pacman -S ufw

Enable and start service with systemd.

sudo systemctl enable ufw
sudo systemctl start ufw

Allowing ports

With this following command, you can allow some required ports.

sudo ufw allow 22

If specifically TCP,

sudo ufw allow 22/tcp

Denying ports

If you want to deny a specific port then use this command

sudo ufw deny 9000

Deleting entries

First, check the status and delete required entries that you want.

sudo ufw status verbose
sudo ufw delete deny 9000

Enable it

At last, enable the ufw service to start controlling the ports.

sudo ufw enable

For docker with ufw refer to this Link.

Linux Security Check

There is a lot of tools to check the security in linux. So the basic check is the port scanning. I’m going to execute this with nmap tool, with is most popular for security in linux.

Nmap (“Network Mapper”) is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.

Here are some basic commands with nmap.

Installing nmap tool

#Ubuntu/Debian
sudo apt install nmap
#ARCH
sudo pacman -S nmap

If you are struggling with password for sudo commands, then check this link.

Essential Commands

This command to do some basic scan in port and get some OS and routing information.

sudo nmap -AAA 1.1.1.1

Command to scan all ports in the Linux server.

sudo nmap -p- 1.1.1.1

That’s all. Check none of port is open except that we mentioned with UFW command. Then you are good to go with harden security.

Leave a Reply

Your email address will not be published. Required fields are marked *