Basic Security @ Updates

-Update manager

-Enable automatic security updates(Update Setting)

=> Super windows => type the key word (System Setting) =>

@ Firewall-In Ubuntu all ports are block by default

-Dault firewall-ufw (turned off by default)+sudo ufw status+sudo ufw enable/disable

Other ways we can configure by iptables to filter the packet/ports

* The first is we drop the package or services

* Allow host ping to the Internet and use the dns local and ISP

-Firestarter for graphical interface (recommanded)+sudo apt-get install firestarter+Preferences

@ User Accounts-User & Groups

+Disable user Guest

-Do not use root user (Disable by default)+sudo passwd+sudo passwd -l root (disable/changed expiry password)

-Use sudo instead of root (/etc/sudoers)

+sudo visudo OR sudo gedit /etc/sudoers(To set the privilege user authorized)

+sudo adduser tolaleng sudo-Deleting Users

+sudo deluser canamall-Removing world readable permission to home directory

+sudo chmod 0750 /home/username

***When the user login and access to this directory it'll not permitted to this home folder.

-Locking/Unlocking user+sudo passwd -l username (enable user expiry)+sudo passwd -u username (disable user expiry)

-passwords+sudo chage canamall (Set the password expiration)+sudo chage-l canamall (show the password expiration)

@ Antivirus

-Clam TK (Under accessories)-Other anti-virus

@ Uninstall Applications

-Ubuntu Software Center-> Installed software section-> Select application and click remove

@ Processes-To see processes

+ps aux or top+system monitor

- @ Logs

-Some of logs+ /var/log/messages : general log messages+ /var/log/boot : system boot log+ /var/log/debug/ : debugging log messages

+ /var/log/auth.log : user login and authentication logs+ /var/log/daemon.log : running services such as squid,ntpd and other

log message to this file+ /var/log/kern.log : kernel log file

-Viewing logs+ tail, more, cat, less, grep+ GNOME system log viewer

=> Security Host* Create Standard User and enable user passwd (complexity password, strong passwd, passwd expired, invalid day of passwd, Lock and Unlock user, disable user Guest, )

* Secure remote network and host-Telnet(Secure with the host and address connection)-SSH (Secure with the authentication encryption key)

=> Security Backup (Data Hosting)*Make a Full Backup of Your Machine

-Aptik (backup application)-rsync (Remote synce)-Gsync (Remote)-Amanda-Rsnapshot

-=> Security Application* Disable Unwanted Services* Services and port security (/etc/services )

The port numbers are divided into three ranges:

1. Well Known Ports: those from 0 through 1023.

2. Registered Ports: those from 1024 through 491513. Dynamic and/or Private Ports: those from 49152 through 65535

21: FTP Server

• 22: SSH Server (remote login)

• 25: SMTP (mail server)

• 53: Domain Name System (Bind 9 server)

• 80: World Wide Web (HTTPD server)

• 110: POP3 mail server

• 143: IMAP mail server

• 443: HTTP over Transport Layer Security/Secure Sockets Layer (HTTPDS

server)

• 445: microsoft-ds, Server Message Block over TCP

=>Backup Ubuntu File Database

=> Apply all New System Updates

=> Monitoring system

=> Encrypt Data Communication (Fire Sharing, FTP, SSH)

#Managing File System Security

#User and Group Administrations

#Package Management