Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
7 security steps for a rackspace cloud server
1. 7 SECURITY STEPS
FOR A
RACKSPACE CLOUD
SERVER
Rudhir Sharan
Founder, Secpanel
Tuesday, July 9, 13
2. YOU BEGIN WITH
Rackspace server comes with:
A root password
Public IP & a Private IP
An OS like CentOS/Ubuntu with IPtables
No security. So, please fend for yourself
Tuesday, July 9, 13
3. 1ST SECURITY STEP
Change the password! (Obvious, isn’t it?)
More so for a Rackspace cloud server.
It comes with a password which is eerily familiar to
the server name!
Get a password which is at least 8 digit long, has at
least one special character, a number of a capital
letter
Avoid your/socially connected names
Tuesday, July 9, 13
4. 2ND SECURITY STEP
Disable direct root login. Helpful link on how to do it
This will mandate users to provide to access
credentials to login as root
You can make changes to your SSH configuration
file to make the change.
Tuesday, July 9, 13
5. 3RD SECURITY STEP
Install a script or tool which will look for brute force
attacks
All failed login attempts create a ‘noise’ in your logs.
Write a script to detect such attempts and to block a
large number of attempts in a short time
You can try some open source tools like BFD, CSF
or cloud tools like Secpanel
Tuesday, July 9, 13
6. 4TH SECURITY STEP
Close all ports which are not needed
If you use Ubuntu, a great tool called UFW can be
used
Or use IPtables to do it. Some tips are here.
Tuesday, July 9, 13
7. 5TH SECURITY STEP
Install a tool to check for rootkits
Install chkrootkit
and rkhunter
Set up a cron to do a daily scan and email you a
report
Tuesday, July 9, 13
8. 6TH SECURITY STEP
Install a good file monitoring tool or script
This will help you monitor key files on your server
Will alert you if a key file is modified, indicating a
potential system compromise
Can be very useful, if you have multiple users in a
server
Tuesday, July 9, 13
9. 7TH SECURITY STEP
Remove and close unwanted software and services
Any unwanted service is a an unnecessary risk as
you will have to ensure it is updated, patched and is
vulnerability free
Tips on how to do it
Tuesday, July 9, 13
10. Change the password
Disable direct root login.
Install a brute force protector
Close unwanted ports
Install rootkit checker
Get file monitoring
Uninstall unwanted software
7 SECURITY STEPS FOR
RACKSPACE SERVER
Tuesday, July 9, 13
11. 6 SECURITY STEPS
FOR A
RACKSPACE SERVER
See more Linux Server Security and System Administration Do It
Yourself(DIY) tips for beginners
Tuesday, July 9, 13