my IT security thoughts, suggestions, and miscellaneous info
Yet another article about why my cipher string is better than yours (updated: Dec 2021) There are several very good articles about hardening OpenSSL ciphers. Over the years I’ve combined lessons learned from others, my own research of standards and best practices, and my own real-life experiences to come up with the OpenSSL cipher string […]
This is a faster, scripted method of configuring a new Ubuntu Linux 20.04 LTS server as outlined in my detailed post Ubuntu Linux Cloud Install
SFTP is considered more a secure alternative to FTP and FTPS. The FTP server is needed as the native SSH server is used instead, and SSH does not require an SSL certificate. One drawback is the default configuration of SFTP does not restrict access to the user’s home directory. A chroot’ed setup can easily be
Journald is a system service for collecting and storing log data, introduced with systemd. It tries to make it easier for system administrators to find interesting and relevant information among an ever-increasing amount of log messages. One of the main differences in journald was to replace simple plain text log files with a special file
Just like driving a car, sooner or later you may have an accident no matter how secure you are. Below are clues to help figure out if you have been hacked and, if so, what to do. The sooner you identify something bad has happened, the more likely you can fix the problem. Clues You
For the Boiler Room’s IP Blocklist I have aggregated several blocklists together into a single list to protect from emerging threats, malware & ransomware command-and-controls systems, cyber-criminals, spammers from hell, and noisy research scanners. The list is updated every hour and I also provide Threat Indicator (IOC) files for the Check Point Firewall.
Webmin is a web-based interface for system administration for Linux using any modern web browser. NOTE: Do no install Webmin if you are planning to install Virtualmin. The Webmin features are already included in Virtualmin.
Building on the basic Ubuntu Cloud Server (with Emerging Threats Protection) we will create an all-in-one internet hosting server using the Virtualmin web hosting control panel.
This will install and configure Firewalld with an IP blocklist for specific countries and an IP blocklist for IPs and IP netblocks that are known threats. This uses the IP Sets utility for faster table updates to the blocklist and faster matching in the firewall.
After deploying a new Ubuntu Linux server on Digital Ocean or Linode, there are a few customization steps I take to improve usability and security of the server. These instructions are assuming you’ve install Ubuntu Linux 20.04 LTS.