7 security steps for a rackspace cloud server

•

1 like•1,334 views

If you are setting up your rackspace cloud server and need a quick 5 minute reference guide to secure it against attacks, this is for you.

7 SECURITY STEPS
FOR A
RACKSPACE CLOUD
SERVER
Rudhir Sharan
Founder, Secpanel
Tuesday, July 9, 13

YOU BEGIN WITH
Rackspace server comes with:
A root password
Public IP & a Private IP
An OS like CentOS/Ubuntu with IPtables
No security. So, please fend for yourself
Tuesday, July 9, 13

1ST SECURITY STEP
Change the password! (Obvious, isn’t it?)
More so for a Rackspace cloud server.
It comes with a password which is eerily familiar to
the server name!
Get a password which is at least 8 digit long, has at
least one special character, a number of a capital
letter
Avoid your/socially connected names
Tuesday, July 9, 13

2ND SECURITY STEP
Disable direct root login. Helpful link on how to do it
This will mandate users to provide to access
credentials to login as root
You can make changes to your SSH conﬁguration
ﬁle to make the change.
Tuesday, July 9, 13

3RD SECURITY STEP
Install a script or tool which will look for brute force
attacks
All failed login attempts create a ‘noise’ in your logs.
Write a script to detect such attempts and to block a
large number of attempts in a short time
You can try some open source tools like BFD, CSF
or cloud tools like Secpanel
Tuesday, July 9, 13

4TH SECURITY STEP
Close all ports which are not needed
If you use Ubuntu, a great tool called UFW can be
used
Or use IPtables to do it. Some tips are here.
Tuesday, July 9, 13

5TH SECURITY STEP
Install a tool to check for rootkits
Install chkrootkit
and rkhunter
Set up a cron to do a daily scan and email you a
report
Tuesday, July 9, 13

6TH SECURITY STEP
Install a good file monitoring tool or script
This will help you monitor key files on your server
Will alert you if a key file is modified, indicating a
potential system compromise
Can be very useful, if you have multiple users in a
server
Tuesday, July 9, 13

7TH SECURITY STEP
Remove and close unwanted software and services
Any unwanted service is a an unnecessary risk as
you will have to ensure it is updated, patched and is
vulnerability free
Tips on how to do it
Tuesday, July 9, 13

Change the password
Disable direct root login.
Install a brute force protector
Close unwanted ports
Install rootkit checker
Get ﬁle monitoring
Uninstall unwanted software
7 SECURITY STEPS FOR
RACKSPACE SERVER
Tuesday, July 9, 13

6 SECURITY STEPS
FOR A
RACKSPACE SERVER
See more Linux Server Security and System Administration Do It
Yourself(DIY) tips for beginners
Tuesday, July 9, 13

More Related Content

Viewers also liked

SystemD Usage Guide

SystemD Usage Guide

SystemD Usage Guide

VCP Muthukrishna

Rhel6 vs rhel7

How To Reset root Password on CentOS 7

How To Reset root Password on CentOS 7

How To Reset root Password on CentOS 7

VCP Muthukrishna

How to Upgrade Openfire on CentOS 7

How to Upgrade Openfire on CentOS 7

How to Upgrade Openfire on CentOS 7

VCP Muthukrishna

Networking devices

Networking devices

Networking devices

This post contains detailed Mindmap related to Complex subject of Cyber security and address critical components summarized as below: - Cyber Security standards - SOC (Security Operation Center) - Cybersecurity Lifecycle - Hacker Kill Chain - Malware (Types,Protection Mechanism) - Cyber Architecture - CSC (Critical Security Standards) - Incident Management - Network Perimeter best security practices - Final Case Study I hope the Technical post is appreciated and liked by Security Consultants and Subject Matter experts on Cybersecurity.Your criticals Inputs are appreciated.Thank you - Wajahat Iqbal (Wajahat_Iqbal@Yahoo.com)

CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)

CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)

CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)

NIST Cybersecurity Framework - Mindmap

NIST Cybersecurity Framework - Mindmap

NIST Cybersecurity Framework - Mindmap

RHCE FINAL Questions and Answers

RHCE FINAL Questions and Answers

RHCE FINAL Questions and Answers

Radien software

Red hat enterprise linux 7 (rhel 7)

Red hat enterprise linux 7 (rhel 7)

Red hat enterprise linux 7 (rhel 7)

CentOS Linux Server Hardening

CentOS Linux Server Hardening

CentOS Linux Server Hardening

Linux admin interview questions

Linux admin interview questions

Linux admin interview questions

How To Check file exists and Delete PowerShell

How To Check file exists and Delete PowerShell

How To Check file exists and Delete PowerShell

VCP Muthukrishna

Viewers also liked (12)

SystemD Usage Guide

SystemD Usage Guide

SystemD Usage Guide

Rhel6 vs rhel7

How To Reset root Password on CentOS 7

How To Reset root Password on CentOS 7

How To Reset root Password on CentOS 7

How to Upgrade Openfire on CentOS 7

How to Upgrade Openfire on CentOS 7

How to Upgrade Openfire on CentOS 7

Networking devices

Networking devices

Networking devices

CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)

CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)

CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)

NIST Cybersecurity Framework - Mindmap

NIST Cybersecurity Framework - Mindmap

NIST Cybersecurity Framework - Mindmap

RHCE FINAL Questions and Answers

RHCE FINAL Questions and Answers

RHCE FINAL Questions and Answers

Red hat enterprise linux 7 (rhel 7)

Red hat enterprise linux 7 (rhel 7)

Red hat enterprise linux 7 (rhel 7)

CentOS Linux Server Hardening

CentOS Linux Server Hardening

CentOS Linux Server Hardening

Linux admin interview questions

Linux admin interview questions

Linux admin interview questions

How To Check file exists and Delete PowerShell

How To Check file exists and Delete PowerShell

How To Check file exists and Delete PowerShell

Recently uploaded

As privacy and data protection regulations evolve rapidly, organizations operating in multiple jurisdictions face mounting challenges to ensure compliance and safeguard customer data. With state-specific privacy laws coming up in multiple states this year, it is essential to understand what their unique data protection regulations will require clearly. How will data privacy evolve in the US in 2024? How to stay compliant? Our panellists will guide you through the intricacies of these states' specific data privacy laws, clarifying complex legal frameworks and compliance requirements. This webinar will review: - The essential aspects of each state's privacy landscape and the latest updates - Common compliance challenges faced by organizations operating in multiple states and best practices to achieve regulatory adherence - Valuable insights into potential changes to existing regulations and prepare your organization for the evolving landscape

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

Artificial Intelligence Chap.5 : Uncertainty

Artificial Intelligence Chap.5 : Uncertainty

Artificial Intelligence Chap.5 : Uncertainty

Khushali Kathiriya

Scaling API-first – The story of a global engineering organization Ian Reasor, Senior Computer Scientist - Adobe Radu Cotescu, Senior Computer Scientist - Adobe Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

How to Troubleshoot Apps for the Modern Connected Worker

How to Troubleshoot Apps for the Modern Connected Worker

How to Troubleshoot Apps for the Modern Connected Worker

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

Why Teams call analytics are critical to your entire business

Why Teams call analytics are critical to your entire business

DBX First Quarter 2024 Investor Presentation

DBX First Quarter 2024 Investor Presentation

DBX First Quarter 2024 Investor Presentation

Scalable LLM APIs for AI and Generative AI Application Development Ettikan Karuppiah, Director/Technologist - NVIDIA Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...

Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...

Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...

Accelerating FinTech Innovation: Unleashing API Economy and GenAI Vasa Krishnan, Chief Technology Officer - FinResults Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

Real Time Object Detection Using Open CV

Real Time Object Detection Using Open CV

Real Time Object Detection Using Open CV

MS Copilot expands with MS Graph connectors

MS Copilot expands with MS Graph connectors

MS Copilot expands with MS Graph connectors

Nanddeep Nachan

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

Created by Mozilla Research in 2012 and now part of Linux Foundation Europe, the Servo project is an experimental rendering engine written in Rust. It combines memory safety and concurrency to create an independent, modular, and embeddable rendering engine that adheres to web standards. Stewardship of Servo moved from Mozilla Research to the Linux Foundation in 2020, where its mission remains unchanged. After some slow years, in 2023 there has been renewed activity on the project, with a roadmap now focused on improving the engine’s CSS 2 conformance, exploring Android support, and making Servo a practical embeddable rendering engine. In this presentation, Rakhi Sharma reviews the status of the project, our recent developments in 2023, our collaboration with Tauri to make Servo an easy-to-use embeddable rendering engine, and our plans for the future to make Servo an alternative web rendering engine for the embedded devices industry. (c) Embedded Open Source Summit 2024 April 16-18, 2024 Seattle, Washington (US) https://events.linuxfoundation.org/embedded-open-source-summit/ https://ossna2024.sched.com/event/1aBNF/a-year-of-servo-reboot-where-are-we-now-rakhi-sharma-igalia

A Year of the Servo Reboot: Where Are We Now?

A Year of the Servo Reboot: Where Are We Now?

A Year of the Servo Reboot: Where Are We Now?

Modernizing Securities Finance: The cloud-native prime brokerage platform transforming capital markets. Madhu Subbu, Managing Director, Head of Securities Finance Engineering Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu

Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu

Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

ICT role in 21st century education and its challenges

ICT role in 21st century education and its challenges

ICT role in 21st century education and its challenges

rafiqahmad00786416

In this session, we will delve into strategic approaches for optimizing knowledge management within Microsoft 365, amidst the evolving landscape of Copilot. From leveraging automatic metadata classification and permission governance with SharePoint Premium, to unlocking Viva Engage for the cultivation of knowledge and communities, you will gain actionable insights to bolster your organization's knowledge-sharing initiatives. In this session, we will also explore how to facilitate solutions to enable your employees to find answers and expertise within Microsoft 365. You will leave equipped with practical techniques and a deeper understanding of how there is more to effective knowledge management than just enabling Copilot, but building actual solutions to prepare the knowledge that Copilot and your employees can use.

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Strategies for Landing an Oracle DBA Job as a Fresher

Strategies for Landing an Oracle DBA Job as a Fresher

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Following the popularity of "Cloud Revolution: Exploring the New Wave of Serverless Spatial Data," we're thrilled to announce this much-anticipated encore webinar. In this sequel, we'll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you're building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Recently uploaded (20)

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

Artificial Intelligence Chap.5 : Uncertainty

Artificial Intelligence Chap.5 : Uncertainty

Artificial Intelligence Chap.5 : Uncertainty

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

How to Troubleshoot Apps for the Modern Connected Worker

How to Troubleshoot Apps for the Modern Connected Worker

How to Troubleshoot Apps for the Modern Connected Worker

Why Teams call analytics are critical to your entire business

Why Teams call analytics are critical to your entire business

Why Teams call analytics are critical to your entire business

DBX First Quarter 2024 Investor Presentation

DBX First Quarter 2024 Investor Presentation

DBX First Quarter 2024 Investor Presentation

Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...

Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...

Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

Real Time Object Detection Using Open CV

Real Time Object Detection Using Open CV

Real Time Object Detection Using Open CV

MS Copilot expands with MS Graph connectors

MS Copilot expands with MS Graph connectors

MS Copilot expands with MS Graph connectors

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

A Year of the Servo Reboot: Where Are We Now?

A Year of the Servo Reboot: Where Are We Now?

A Year of the Servo Reboot: Where Are We Now?

Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu

Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu

Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

ICT role in 21st century education and its challenges

ICT role in 21st century education and its challenges

ICT role in 21st century education and its challenges

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Strategies for Landing an Oracle DBA Job as a Fresher

Strategies for Landing an Oracle DBA Job as a Fresher

Strategies for Landing an Oracle DBA Job as a Fresher

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

7 security steps for a rackspace cloud server

1. 7 SECURITY STEPS FOR A RACKSPACE CLOUD SERVER Rudhir Sharan Founder, Secpanel Tuesday, July 9, 13

2. YOU BEGIN WITH Rackspace server comes with: A root password Public IP & a Private IP An OS like CentOS/Ubuntu with IPtables No security. So, please fend for yourself Tuesday, July 9, 13

3. 1ST SECURITY STEP Change the password! (Obvious, isn’t it?) More so for a Rackspace cloud server. It comes with a password which is eerily familiar to the server name! Get a password which is at least 8 digit long, has at least one special character, a number of a capital letter Avoid your/socially connected names Tuesday, July 9, 13

4. 2ND SECURITY STEP Disable direct root login. Helpful link on how to do it This will mandate users to provide to access credentials to login as root You can make changes to your SSH conﬁguration ﬁle to make the change. Tuesday, July 9, 13

5. 3RD SECURITY STEP Install a script or tool which will look for brute force attacks All failed login attempts create a ‘noise’ in your logs. Write a script to detect such attempts and to block a large number of attempts in a short time You can try some open source tools like BFD, CSF or cloud tools like Secpanel Tuesday, July 9, 13

6. 4TH SECURITY STEP Close all ports which are not needed If you use Ubuntu, a great tool called UFW can be used Or use IPtables to do it. Some tips are here. Tuesday, July 9, 13

7. 5TH SECURITY STEP Install a tool to check for rootkits Install chkrootkit and rkhunter Set up a cron to do a daily scan and email you a report Tuesday, July 9, 13

8. 6TH SECURITY STEP Install a good file monitoring tool or script This will help you monitor key files on your server Will alert you if a key file is modified, indicating a potential system compromise Can be very useful, if you have multiple users in a server Tuesday, July 9, 13

9. 7TH SECURITY STEP Remove and close unwanted software and services Any unwanted service is a an unnecessary risk as you will have to ensure it is updated, patched and is vulnerability free Tips on how to do it Tuesday, July 9, 13

10. Change the password Disable direct root login. Install a brute force protector Close unwanted ports Install rootkit checker Get ﬁle monitoring Uninstall unwanted software 7 SECURITY STEPS FOR RACKSPACE SERVER Tuesday, July 9, 13

11. 6 SECURITY STEPS FOR A RACKSPACE SERVER See more Linux Server Security and System Administration Do It Yourself(DIY) tips for beginners Tuesday, July 9, 13