Welcome! I’m so glad you’ve decided to do the long but hugely rewarding job of learning how to properly Linux Server Security. The Internet as we know it from its inception has changed rapidly, and so have web applications.
From features to performance and functionality, web applications have improved in every possible way. This in turn has also increased the adoption of the cloud for web-based hosting. This has not always been the case, however, traditionally, one must set up one’s own server and hosting environment, which means that factors such as the specifications of the hardware used must be factored in correctly to meet the requirements of a web application. was to be chosen. This type of hosting, as you might have guessed, was both extremely expensive and inefficient.
With the rise of web hosting companies and providers, this issue was quickly eliminated and almost anyone in the world could set up their website or web application relatively easily, without the tedious and costly process and self-hosting of price. Web hosting companies have also changed over the period of their existence and improving their services based on the requirements of their customers and providing various hosting solutions sorted according to factors like system resources requirement and storage space.
such as with the constant demand for more system resources; Processing power and RAM (Random Access Memory), web hosting companies started providing VPS (Virtual Private Servers). A virtual private server is a virtualized server that simulates a dedicated server within a shared hosting environment.
However, it is not to be confused with a dedicated server. Virtual private servers are made possible by virtualization, where system resources can be easily increased or decreased depending on the needs of the customer, but with the added advantage over shared hosting where multiple websites are hosted on a shared server.
Shared hosting is a huge security threat because you are forced to share the operating system with other websites being hosted on the same server.
Dedicated servers, as the name suggests, are servers that can be used to host any service, you are free to customize the server and install any service you wish.
This essentially increases the attack surface as any website or web application on a particular server can be hacked or exploited and this allows hackers to gain unauthorized access to the server which would give them access to all the websites on the server. . This is why dedicated servers and VPS have become increasingly popular, as they give a client more control over the security and functionality of the server, and given that only one web application is being hosted on the server, this Reduces the overall attack surface. Customers are also able to modify server configuration and implement security features and functionality, therefore giving them complete control over the security of their servers. Given all the security benefits of dedicated servers and VPSs, many customers and companies are unaware of the fact that they are in charge of the security of their servers and as a result, their servers are never secured or configured with security in mind. which leaves them open to hackers and exploitation. This is why learning how to properly and efficiently secure your server is extremely important for every company or individual that relies on the integrity of their web application.
This book will focus on securing dedicated Linux servers, whether hosted in the cloud or on-premises. We will cover the various differences in security and configuration in both cases and how they affect the overall security and integrity of the server.
So why Linux? It’s a question that can be easily explained by taking a look at the Internet’s current hosting infrastructure, with about 96 percent of the top 1 million web servers currently running Linux. All the major websites in the world use Linux servers to host their web applications, some examples of these companies are; Facebook, Twitter and Reddit. Given the popularity and widespread adoption of Linux, many fundamental aspects of web hosting are overlooked or completely ignored. One of these aspects of web hosting is security, and it plays a fundamental role in maintaining the integrity and availability of a web application and its data. An example of how important Linux security is to maintaining the integrity of companies’ data was the British Airways data breach in 2018, where the personal and financial information of 380,000 of their passengers was hacked, with a variety of data stolen by hackers Were. From the names of the customers to their respective credit card numbers.
Given the prevalence and adoption of Linux for web hosting around the world, security has become an important factor in maintaining
1. How a hacker sees Linux
Before we look at how “hackers” view and approach Linux, we need to understand on a broader scale who exactly a “hacker” is and what they do. A “hacker” is a person who discovers and exploits vulnerabilities in an operating system, computer program, network, and web application to cause vulnerabilities. “Hackers” are usually motivated by a variety of reasons ranging from political to personal gain.
It is no surprise that the rise of the Internet and web applications has also given rise to a new generation of hackers, who eagerly await the release of new technologies and web-based frameworks to improve its security and integrity. be able to test. It should be noted that many hackers target web servers only for the purpose of malpractice, damage or theft of data. As a result, the term “hacker” has turned into a term that shares very close descriptions of a criminal or mercenary. However, this is far from the truth. Many “hackers” consider themselves professionals who test a web application or framework for security vulnerabilities and exploit them for the benefit of the public and the company by disclosing the vulnerabilities to the company, so they need to fix the vulnerability first. give chance. He is exploited. The goal of this book is to understand who you are both sides of the coin and to give you the skills you need to set up the necessary security and how to test them like a “hacker”.
Their aim is to make the web a safer and more secure environment, as a result, this has given rise to a relatively new term that describes hackers or security professionals whose primary goal is to legalize web applications and their hosting infrastructure with the goal is to target. Detecting and exploiting vulnerabilities in exchange for payment or other credits from the bug bounty program. This new type of hacker is called “Bug Bounty Hunter”.
A bug bounty program is an opportunity offered by many companies and developers, whereby security professionals or “bug bounty hunters” are compensated for reporting bugs in web applications that could potentially be exploited by hackers. who wish to damage or extract data. These programs are growing in popularity as companies have already seen the benefits that these programs bring to the table with regards to the overall security of their web applications, for one; Bug bounty hunters are better compensated for reporting a vulnerability to a company rather than publishing it publicly or maliciously exploiting it for personal gain. This allows the company to get an idea or scope of all vulnerabilities in its web applications so that they can be fixed before they are exploited by black hat hackers. A bug bounty program is a great way to find bugs and vulnerabilities in your web application and its associated infrastructure (domain and hosting environment), however, it is only the tip of the iceberg and it can only address security issues in the later stages of deployment. addresses. , A truly secure Linux server should be secured from the ground up. Most of the common vulnerabilities exploited or reported in bug bounty programs result from simple misconfiguration in hosting environments and web applications. | Linux Server Security
Hackers are generally divided into two categories, black hat hackers, whose main objective is personal gain. They target companies and web applications with the sole purpose of stealing or destroying data and/or monetary gain. On the other hand a white hat hacker is a hacker whose objective is to legally test the security of web applications and organizations and to protect against attacks and exploitation by black hat hackers. Bug bounty hunters are classified as white hat hackers because they find potential vulnerabilities and report them to the company responsibly.
When securing web applications and Linux servers it is very important to approach the security of the server as a hacker, it allows you to rigorously test any new security changes or techniques you make by attacking the server and analyzing the results. Therefore, giving you important information about the security of your server. This will help you understand where your security is strongest and where it can be improved. We’ll cover this at the end of the book, where we’ll look at how to perform a thorough security assessment and penetration test on your server and its services. | Linux Server Security
Given all the misconfigured Linux servers on the Internet, it is no surprise that a poorly secured server exposed to the public can be a target for black hat hackers, who want to exploit the server, Will not waste any time stealing data. Control of your server for your personal use and attacks to destroy your data or worse. Which in turn will destroy or damage the credibility of your organization.
It should be noted that all black hat hackers