Creating a secure Debian server

My favourite Linux distro is Debian. Ubuntu Server is also great, but in my case I generally only need a LAMP server (Linux + Apache + MySQL + PHP), without big network responsibilities (mainly intranet implementations). And, finally, Ubuntu is Debian-based. Because of this, I choose the lighter option, Debian. For the graphical interface, I prefer LXDE, one of the lightest currently available.

If it were only a matter of installing it and bringing it up, that would be great. However, when a server is exposed on the Web, it becomes a target for many malicious bots, which search for security flaws all over the internet, IP by IP, almost port by port.

Taking a look at /var/log/auth.log on an open web server, we can identify a lot of connection attempts with common usernames, like admin, test, guest, user and so on.
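One way to summarize those login attempts, as an added example that is not part of the original post: it counts failed SSH password attempts per username and per source address. The log lines are constructed samples in the usual sshd format, and the function names and the threshold of 3 are assumptions.

```python
import re
from collections import Counter

# Constructed sample lines in the sshd format found in /var/log/auth.log
# (documentation-range addresses, invented host name and PIDs).
SAMPLE_LOG = """\
Mar  3 04:12:01 srv sshd[811]: Invalid user admin from 203.0.113.5 port 40112
Mar  3 04:12:03 srv sshd[811]: Failed password for invalid user admin from 203.0.113.5 port 40112 ssh2
Mar  3 04:12:09 srv sshd[815]: Failed password for invalid user test from 203.0.113.5 port 40150 ssh2
Mar  3 04:13:30 srv sshd[820]: Failed password for root from 198.51.100.7 port 52210 ssh2
Mar  3 04:13:36 srv sshd[820]: message repeated 2 times: [ Failed password for root from 198.51.100.7 port 52210 ssh2]
Mar  3 04:15:02 srv sshd[830]: Failed password for invalid user guest from 198.51.100.7 port 52301 ssh2
Mar  3 08:00:11 srv sshd[901]: Accepted password for alice from 192.0.2.10 port 50022 ssh2
"""

# The username is attacker-controlled text, so it is matched greedily and the
# address is taken from the end of the line, where sshd itself writes it.
FAILED = re.compile(
    r"sshd\[\d+\]: (?:message repeated (?P<n>\d+) times: \[ ?)?"
    r"Failed password for (?P<invalid>invalid user )?(?P<user>.*) "
    r"from (?P<ip>\S+) port \d+ ssh2\]?\s*$"
)

def summarize(lines):
    """Return (attempts per user, attempts per IP, set of nonexistent users)."""
    by_user, by_ip, invalid = Counter(), Counter(), set()
    for line in lines:
        m = FAILED.search(line)
        if not m:
            continue  # "Invalid user" and "Accepted" lines are not counted
        count = int(m.group("n") or 1)  # syslog may collapse repeated lines
        by_user[m.group("user")] += count
        by_ip[m.group("ip")] += count
        if m.group("invalid"):
            invalid.add(m.group("user"))
    return by_user, by_ip, invalid

def noisy_sources(by_ip, threshold=3):
    """Addresses with at least `threshold` failed attempts (assumed cut-off)."""
    return sorted(ip for ip, n in by_ip.items() if n >= threshold)

if __name__ == "__main__":
    users, ips, invalid = summarize(SAMPLE_LOG.splitlines())
    for user, n in users.most_common():
        print(f"{n:3d}  {user}{'  (no such account)' if user in invalid else ''}")
    print("sources over threshold:", noisy_sources(ips))
```

To run it against a real server, pass the lines of /var/log/auth.log to `summarize()` instead of the sample.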

The Debian project page provides the Securing Debian Manual, with instructions on how to close all possible gaps on the server, as well as good security practices.

If your Debian (or Ubuntu) server is already up, I guess the most interesting chapters are:

  • Chapter 4 - After installing
  • Subjects:
    • Security updates
    • GRUB (or LILO) configuration
    • Restrict terminal access
    • Configuring partition mount options
    • Limit resources
    • Restrict FTP
    • Auditing users
    • System snapshots