Basic System Elements

Overview

  • Disk Encryption
  • Firewall
  • Remote Shell
  • FTP
  • Torrent
  • Web Server 
  • Log Monitoring

Disk Encryption

There's no security without physical security. You can protect files and partitions, but your best bet is to protect the whole thing. It's not proof completely, but it's good enough for common thieves.

If you're using Ubuntu , you can use the alternate or server install and select Guided - whole disk ...   Just take note that if you want to reboot remotely, you must take note of this bug.



Firewall

For ubuntu, the tool ufw is a good choice
ufw - 

Remote Shell



FTP

vsftpd
/etc/vsftpd.conf
/etc/vsftpd.chroot_list
/etc/ssl/private/vsftpd.pem
(specific entries from these)
/etc/passwd 
/etc/shadow
/etc/group

Torrent

transmission-daemon
/var/lib/transmission-daemon
/etc/transmission-daemon    

Web Server

Web server of choice is lighttpd

/etc/lighttpd

Log Monitoring

Monitor of choice is fail2ban

/etc/fail2ban


References:
http://citp.princeton.edu/memory/
http://theinvisiblethings.blogspot.com/2009/10/evil-maid-goes-after-truecrypt.html


Comments