Below are the hardening steps recommended to safeguard the servers against such attacks.

Hardening steps

1. Ensure the required hardening is done on the server.

–> Enable tcp wrappers

–> Enable iptables

–> Stop unwanted services

–> In the case of NFS, only allow export/import of folders to specific users & hosts.

2. Direct root access on the server should be disabled. It should only be allowed on the console.

3. Use strong passwords for root & all other users with ssh or ftp access.

–> Make sure dictionary & joe passwords are not used.

–> The minimum required password length should be 8 characters, inclusive of 1 special character, uppercase & numbers.

4. Secure /tmp, tmpfs and /var/tmp using /etc/fstab.
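One way to check step 4, as an added example that is not part of the original post: the function below reads an fstab file and flags /tmp, /var/tmp and any tmpfs entry that lacks nodev, nosuid or noexec. Treating those three options as the meaning of "secure" is an assumption (the post names no options), and the sample fstab is constructed.

```shell
#!/bin/sh
# Added example: report temp-file mounts in an fstab that lack hardening options.
# Assumption: "secured" means nodev, nosuid and noexec are all present.

# audit_fstab FILE -> prints findings; returns 0 when clean, 1 otherwise.
audit_fstab() {
    awk '
        BEGIN { nreq = split("nodev nosuid noexec", need, " ") }
        /^[ \t]*#/ || NF < 4 { next }              # comments, blank or short lines
        $2 == "/tmp" || $2 == "/var/tmp" || $3 == "tmpfs" {
            seen[$2] = 1
            split("", have)                        # portable array reset
            n = split($4, opt, ",")
            for (i = 1; i <= n; i++) have[opt[i]] = 1
            missing = ""
            for (i = 1; i <= nreq; i++)
                if (!(need[i] in have)) missing = missing " " need[i]
            if (missing != "") { print "WEAK " $2 ":" missing; bad = 1 }
        }
        END {
            # No entry means the path inherits options from its parent filesystem.
            if (!("/tmp" in seen))     { print "NOENTRY /tmp";     bad = 1 }
            if (!("/var/tmp" in seen)) { print "NOENTRY /var/tmp"; bad = 1 }
            exit bad + 0
        }
    ' "$1"
}

# write_weak_sample FILE -> writes a constructed fstab with two problems.
write_weak_sample() {
    cat > "$1" <<'EOF'
# constructed sample, not from a real host
/dev/sda1  /         ext4   defaults                0 1
/dev/sda3  /tmp      ext4   defaults,nodev,nosuid   0 2
tmpfs      /dev/shm  tmpfs  rw,nodev,nosuid,noexec  0 0
EOF
}

sample=$(mktemp)
write_weak_sample "$sample"
audit_fstab "$sample" || echo "fstab needs attention"
rm -f "$sample"
```

On a real host, run `audit_fstab /etc/fstab`; fstab only describes what is mounted at boot, so also compare against the live options in /proc/mounts.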

Preventive measures that need to be done periodically

1. Use John the Ripper to scan for weak passwords.

2. Run rkhunter to scan for rootkits on the server.

Post By Editor (2,827 Posts)
