View Single Post


Old
  Post #3 (permalink)   01-11-2018, 04:06 PM
Evolution Host
HD Newbie
 
Join Date: Dec 2017
Posts: 8

Status: Evolution Host is offline
Quote:
Originally Posted by whmcsguru View Post
Oh lovely... Keep your stuff up to date, people!
This can't be emphasised strongly enough. It's definitely a good idea to configure automatic updates if possible, for example using Unattended Upgrades (Debian/Ubuntu). If you're concerned about an update potentially breaking an existing solution, exceptions can be added for some packages. Automatic updates can greatly reduce the amount of time that your system is left exposed to newly emerging vulnerabilities.

Quote:
Originally Posted by easyhostmedia View Post
This particular example shows the importance of hardening the security of your SSH server with tools such as fail2ban that can reduce the risk of brute force/password guessing attacks. If password authentication is in use, there's certainly no alternative for a secure password though.

To reduce the risk of fully automated intrusion even further, it's a great idea to use an uncommon non-root username and move the SSH server to a non-default port. Port knocking can also be used to increase the complexity required to successfully port scan for the SSH server. The majority of SSH botnets/worms will only target SSH servers on port 22.
__________________
Evolution Host - Hosting for KVM VPS, IRCds, mIRC Bots and Game Servers.
Premium hosting at affordable prices.