ShareWiz Ultra Secure Server Setup
Base Security
Disable Ctrl-Alt-Delete
Comment out the following line in the /etc/init/control-alt-delete.conf file by placing a hash # sign in front.
Issue the following command:
…and comment out the following line by placing a hash # sign in front.
#exec /sbin/shutdown -r now "Control-Alt-Delete pressed"
Anyone that has physical access to the keyboard can simply use the Ctrl+Alt+Delete key combination to reboot the server without having to log on. Sure, someone could simply unplug the power source, but you should still prevent the use of this key combination on a production server. This forces an attacker to take more drastic measures to reboot the server, and will prevent accidental reboots at the same time.
Setup the correct time zone (Optional, but Highly-Recommended)
Issue the following command:
…and select "Etc" followed by "GMT".
Having the right time zone is a requirement for proper security of the server.
Sharewiz security standards require the time zone to be set to GMT.
This standardizes time in the system and prevents security issues which may occur with unusual time movements.
It also ensures that logs files are consistant.
Naturally, select an alternative timezone as appropriate to your situation.
PAM Security
Install pam modules
Issue the following command:
PAM or Pluggable Authentication Modules, is an abstraction layer that enables authentication between a variety of services.
To change the default dictionary, run the following command:
...and select the dictionary that is required.