Scribd
Upload
16 views2 pages

5 Min Plan

Uploaded by

spameerforlife123
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
16 views2 pages

5 Min Plan

Uploaded by

spameerforlife123
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

 Change background to lunar lobster...

(Obviously)
 Step 1: Change passwords:
 For the current user... (passwd)
 For root user... (sudo passwd *root*)

 Step 2: Make sure the system is up to date:


 Check for updates... (sudo apt update)
 If necessary, upgrade... (sudo apt upgrade)

 Step 3: Lock out bad accounts...


 Check groups (cat /etc/groups)
 This will show all the groups that are currently on the system.
 This will disable the account and make it have no shell access
 Sudo usermod –L && sudo usermod –s /usr/sbin/nologin *user*
 Do the same for root account

 Step 4: SSH keypair authentication:


 Remove naughty keys... (sudo truncate –s 0 ~/.ssh/authorized_keys)
 Go to .ssh directory... (cd .ssh)
 Create a SSH keypair... (ssh-keygen –b 8192)
 Upload keypair... (scp ~/.ssh/id_rsa.pub
*user*@*IpAddress*:~/.ssh/authorized_keys)

 Step 5: Secure SSH


 Change some configs... (sudo nano /etc/ssh/sshd_config)
 Change “PasswordAuthentication” to no
 Change “permitrootlogin” to no
 Change “Addressfamily” to inet6 (if you want to be extra
secure😊) (You will have to ssh with your ipv6 address...)**KNOW
WHAT YOU ARE DOING WHEN YOU DO THIS!!
 Restart the service... (sudo systemctl restart ssh.service)

 Step 6: Back up configuration files.


 Copy and paste a config file... (sudo cp /etc/ssh/sshd_config
/*directory*/*directory*/sshd_config)
 Back the file up... (sudo mv /*directory*/*directory*/sshd_config
/etc/ssh/sshd_config)
 Change color if you insert it into bin... (sudo chmod +x *directory*)
 Change it back to normal when you want to use it (sudo chmod 600
*directory*)

 Step 7: Install Wireshark...


 Install... (sudo apt install Wireshark)
 When the prompt asks to allow non superusers to use, say yes...
 To activate should just be... (Wireshark)
 Allow non superusers to make capture packets with wireshark.
 If something does not work, try... (sudo dpkg-reconfigure wireshark)
(sudo chmod +x /usr/bin/dumpcap)

 Step 8: Install UFW...


 Install... (sudo apt install ufw)
 Standard commands for ufw
 (sudo ufw enable/disable/reboot/restart/status/allow/deny)
 To allow certain ports or ip addresses...
 (sudo ufw allow from *IpAddress* to any port *port*)

 Step 9: Check crontab file


 Enter the crontab file... (crontab –e)
 Check to make sure there aren’t any naughty jobs
 Create automation of copy and paste that activates every minute...
 (***** cp /etc/ssh/sshd_config /home/*user*/documents/*file*)

 Step 10: SSH into your servers and repeat...


 Do it all over again baby (Whoooo Yaaaaaa!!!!!)
 To ssh into the server... (ssh *username*@*ip-address*)

Additional Sources/things to think about:


https://github.com/RedefiningReality/Linux-Defence-Materials/tree/main

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy