Use command line tools to keep your Linux server secure

Use command line tools to maintain the security of your Linux server

With the rapid development of the Internet, server security has become particularly important. As a server administrator, you need to protect your server from potential attacks and threats. Command line tools are your best assistant in protecting server security. This article will introduce some commonly used command line tools to help you maintain the security of your Linux server.

1. Firewall Management

Firewall is one of the key tools to protect your server from unauthorized access. By using command line tools, you can easily manage firewall rules on your server.

a) IPTables: IPTables is one of the most commonly used firewall management tools on Linux servers. It allows you to create, modify and delete firewall rules.

Sample code:

Create new rule:

iptables -A INPUT -p tcp --dport 22 -j ACCEPT

Delete rule:

iptables -D INPUT -p tcp --dport 22 -j ACCEPT

b) UFW: UFW is a front-end tool based on IPTables that provides A simpler firewall configuration interface. It allows you to easily manage your firewall via the command line.

Sample code:

Enable firewall:

ufw enable

Allow SSH connections:

ufw allow OpenSSH

2. SSH security

SSH is a common way for administrators to access servers remotely, so it is crucial to ensure SSH security.

a) Modify the SSH port: Modifying the SSH port to a non-default port can increase security, because most attackers will scan the default SSH port.

Sample code:

Edit SSH configuration file:

sudo nano /etc/ssh/sshd_config

Modify port number:

Port 2222

Restart SSH service:

sudo service sshd restart

b ) Prevent Root login: Disabling Root users from logging in through SSH can greatly reduce the risk of server attacks.

Sample code:

Edit SSH configuration file:

sudo nano /etc/ssh/sshd_config

Modify PermitRootLogin settings:

PermitRootLogin no

Restart SSH service:

sudo service sshd restart

3. Malware Scan

Timely scanning of malware on the server is an important part of ensuring server security. Scanning is easy using command line tools.

a) ClamAV: ClamAV is an open source anti-virus engine that can be used to scan for malware, including viruses, Trojans, and other malware.

Sample code:

Install ClamAV:

sudo apt-get install clamav

Scan folder:

clamscan -r /path/to/folder

b) RKHunter: RKHunter is a tool for detecting rootkits, backdoors and Tools for potentially malicious files.

Sample code:

Install RKHunter:

sudo apt-get install rkhunter

Run RKHunter check:

sudo rkhunter --check

The above are just some examples of maintaining server security from the command line. Although using command line tools may require some learning and practice, they provide a more straightforward way to manage server security. By using these command line tools appropriately, you can improve server security, ensure server operation is stable, and protect user data.

Remember, server security is an ongoing effort. In addition to using command line tools, you should also follow best security practices, such as regularly updating software and systems, using strong passwords, restricting access to unnecessary services and files, etc.

The above is the detailed content of Use command line tools to keep your Linux server secure. For more information, please follow other related articles on the PHP Chinese website!