/home/username. Your results should now have changed.
Password Policy
You can implement stringent firewall rules along with other security features, but, if your passwords
are poor, all of that is pointless. If you're going to enable SSH (which I imagine you will), then you
will need to implement a strong password policy.
You can control the password policy from the common-password file, located in the /etc/pam.d/
directory.
You can update the minimum password length by editing the password minlen=8 line to enforce
a larger number of characters. Note, though, that the administrator does not need to
adhere to these requirements when creating users.
You can also set your passwords to expire by setting a maximum password age.
Console Security
Virtual / digital security isn't your only concern when it comes to managing your servers. You also
need to defend against people who have physical access to your servers.
If the servers aren't in a restricted access room already, that should be on your mind, but you can
also prevent ctrl+alt+delete reboots (which do not require sudo access).
To do this, comment out the line below in the control-alt-delete.conf file, found under the
/etc/init/ directory, so that it reads:
#exec shutdown -r now "Control-Alt-Delete pressed"
The Firewall
The Ubuntu kernel uses the Netfilter system. This is a system which is used to decide what to do
with network traffic that hits the server.
To control the Netfilter system rules, we have access to iptables which will define what to do when
a packet hits your server.
However, iptables is not the most user-friendly of tools, and as such, Ubuntu is shipped with
UFW (Uncomplicated Firewall). This gives you a much simpler way to manage your firewall.
Using the UFW commands
Using UFW is simple. If you want to enable it (switch it on), simply type sudo ufw enable into the
terminal, and if you want to disable it (switch it off), simply type sudo ufw disable.
Managing your port security is just as straightforward. You can type sudo ufw allow 22 to allow port
22 (replace the port number with whatever you need) and you can block a port by typing sudo ufw
deny 22.
You can check the status of your firewall (and all rules that have been applied to it) by typing sudo
ufw status into the terminal. This tells you whether the firewall is enabled and lists all of the
allowed / denied ports.
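The status output described above can also be checked automatically. The following is an added example, not part of the original guide: a shell function that reads ufw status output and reports when the firewall is disabled or when a port outside an approved list is allowed. The function names, the approved-port list and the sample output are constructed for illustration.

```shell
#!/usr/bin/env bash
# Audit `ufw status` output: report a disabled firewall or any ALLOW rule
# for a port that is not on an approved list.
# Assumes rules keyed by port number, as in the commands above.

# Constructed sample of `sudo ufw status` output (not from a real host).
sample_status() {
  cat <<'EOF'
Status: active

To                         Action      From
--                         ------      ----
22                         ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere
23                         DENY        Anywhere
22 (v6)                    ALLOW       Anywhere (v6)
EOF
}

# audit_ufw "<approved ports>" reads status text on stdin, prints one
# finding per line, and returns 0 when clean or 1 when anything was found.
audit_ufw() {
  awk -v approved="$1" '
    BEGIN {
      bad = 0; seen = 0
      n = split(approved, a, " ")
      for (i = 1; i <= n; i++) ok[a[i]] = 1
    }
    /^Status:/ {
      seen = 1
      if ($2 != "active") { print "FIREWALL_DISABLED"; bad = 1 }
      next
    }
    {
      # The action is field 2, or field 3 on "(v6)" rows.
      for (i = 2; i <= NF; i++) if ($i == "ALLOW") {
        port = $1; sub(/\/.*/, "", port)   # drop a /tcp or /udp suffix
        if (!(port in ok)) { print "UNEXPECTED_ALLOW " $1; bad = 1 }
        break
      }
    }
    END {
      if (!seen) { print "NO_STATUS_LINE"; bad = 1 }
      exit bad
    }
  '
}

# Demo on the sample with only SSH approved; on a server you would run:
#   sudo ufw status | audit_ufw "22"
sample_status | audit_ufw "22" || true
```

Because the function returns a non-zero status when it finds something, it can be run from cron or a monitoring check to alert when the rule set drifts from what you intended.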
Once you've seen the list of rules, you might want to delete one, you can do this by typing sudo
www.netshock.co.uk