7 security steps for a rackspace cloud server


Published on

If you are setting up your rackspace cloud server and need a quick 5 minute reference guide to secure it against attacks, this is for you.

Published in: Technology
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

7 security steps for a rackspace cloud server

  1. 1. 7 SECURITY STEPS FOR A RACKSPACE CLOUD SERVER Rudhir Sharan Founder, Secpanel Tuesday, July 9, 13
  2. 2. YOU BEGIN WITH Rackspace server comes with: A root password Public IP & a Private IP An OS like CentOS/Ubuntu with IPtables No security. So, please fend for yourself Tuesday, July 9, 13
  3. 3. 1ST SECURITY STEP Change the password! (Obvious, isn’t it?) More so for a Rackspace cloud server. It comes with a password which is eerily familiar to the server name! Get a password which is at least 8 digit long, has at least one special character, a number of a capital letter Avoid your/socially connected names Tuesday, July 9, 13
  4. 4. 2ND SECURITY STEP Disable direct root login. Helpful link on how to do it This will mandate users to provide to access credentials to login as root You can make changes to your SSH configuration file to make the change. Tuesday, July 9, 13
  5. 5. 3RD SECURITY STEP Install a script or tool which will look for brute force attacks All failed login attempts create a ‘noise’ in your logs. Write a script to detect such attempts and to block a large number of attempts in a short time You can try some open source tools like BFD, CSF or cloud tools like Secpanel Tuesday, July 9, 13
  6. 6. 4TH SECURITY STEP Close all ports which are not needed If you use Ubuntu, a great tool called UFW can be used Or use IPtables to do it. Some tips are here. Tuesday, July 9, 13
  7. 7. 5TH SECURITY STEP Install a tool to check for rootkits Install chkrootkit and rkhunter Set up a cron to do a daily scan and email you a report Tuesday, July 9, 13
  8. 8. 6TH SECURITY STEP Install a good file monitoring tool or script This will help you monitor key files on your server Will alert you if a key file is modified, indicating a potential system compromise Can be very useful, if you have multiple users in a server Tuesday, July 9, 13
  9. 9. 7TH SECURITY STEP Remove and close unwanted software and services Any unwanted service is a an unnecessary risk as you will have to ensure it is updated, patched and is vulnerability free Tips on how to do it Tuesday, July 9, 13
  10. 10. Change the password Disable direct root login. Install a brute force protector Close unwanted ports Install rootkit checker Get file monitoring Uninstall unwanted software 7 SECURITY STEPS FOR RACKSPACE SERVER Tuesday, July 9, 13
  11. 11. 6 SECURITY STEPS FOR A RACKSPACE SERVER See more Linux Server Security and System Administration Do It Yourself(DIY) tips for beginners Tuesday, July 9, 13