mirror of
https://github.com/imthenachoman/How-To-Secure-A-Linux-Server.git
synced 2025-12-06 09:12:47 +01:00
aide, clam, and fixed TOC
19
README.md
@@ -6,6 +6,7 @@ An evolving how-to guide for securing a Linux server that, hopefully, also teach
## Table of Contents
- [Table of Contents](#table-of-contents)
- [Introduction](#introduction)
- [Guide Objective](#guide-objective)
- [Why Secure Your Server](#why-secure-your-server)
@@ -39,11 +40,13 @@ An evolving how-to guide for securing a Linux server that, hopefully, also teach
- [UFW: Uncomplicated Firewall](#ufw-uncomplicated-firewall)
- [PSAD: iptables Intrusion Detection And Prevention](#psad-iptables-intrusion-detection-and-prevention)
- [Fail2ban: Application Intrusion Detection And Prevention](#fail2ban-application-intrusion-detection-and-prevention)
- [The Danger Zone](#the-danger-zone)
- [The Auditing](#the-auditing)
- [AIDE - File/Folder Integrity Monitoring (WIP)](#aide---filefolder-integrity-monitoring-wip)
- [ClamAV Antivirus (WIP)](#clamav-antivirus-wip)
- [logwatch - system log analyzer and reporter](#logwatch---system-log-analyzer-and-reporter)
- [ss - Seeing Ports Your Server Is Listening On](#ss---seeing-ports-your-server-is-listening-on)
- [Lynis - Linux Security Auditing](#lynis---linux-security-auditing)
- [The Danger Zone](#the-danger-zone)
- [The Miscellaneous](#the-miscellaneous)
- [Configure Gmail As MTA With Implicit TLS](#configure-gmail-as-mta-with-implicit-tls)
- [Separate iptables Log File](#separate-iptables-log-file)
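Review bot: the two new entries carry their draft status in the link target ("#aide---filefolder-integrity-monitoring-wip" and "#clamav-antivirus-wip"), so both anchors change the day "(WIP)" is dropped from the headings, and every existing link to them breaks. Consider keeping the headings and anchors stable (for example "### ClamAV Antivirus") and stating the WIP status in the section body instead. Separately, "[The Danger Zone](#the-danger-zone)" is listed twice in this hunk, after Fail2ban and after Lynis; the header counts (11 old lines, 13 new) are consistent with a move, but it is worth confirming that only one entry remains and that its position matches where the section sits in the README.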
@@ -1762,10 +1765,16 @@ fail2ban-client set sshd unbanip 192.168.1.100
#### Why
WIP
#### How It Works
WIP
#### Goals
WIP
#### References
- https://aide.github.io/
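Review bot: "Why", "How It Works" and "Goals" each contain only "WIP", so the section sends readers to https://aide.github.io/ without saying what the tool is for or what state the server should end up in. If the full text is not ready, one sentence under each heading, or a link to a tracking issue, is more useful than the placeholder and lets the "(WIP)" marker come off the heading sooner.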
@@ -1963,10 +1972,14 @@ Every time you make changes to files/folders that AIDE monitors, you will need t
sudo aideinit -y -f
```
([Table of Contents](#table-of-contents))
### ClamAV Antivirus (WIP)
#### Why
WIP
#### How It Works
- ClamAV is a virus scanner
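Review bot: the context at the top of this hunk, "sudo aideinit -y -f", is the step readers are told to run every time monitored files change, and nothing visible here tells them to review what changed before running it. Because that command overwrites the existing database, running it without first reading the check report accepts any unexpected modification into the new baseline. A sentence to that effect before the "([Table of Contents](#table-of-contents))" back-link would close the AIDE section with the caveat in place.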
@@ -1975,6 +1988,8 @@ sudo aideinit -y -f
#### Goals
WIP
#### Notes
- These instructions **do not** tell you how to enable the ClamAV daemon service to ensure `clamd` is running all the time. `clamd` is only if you're running a mail server and does not provide real-time monitoring of files. Instead, you'd want to scan files manually or on a schedule.
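Review bot: the "WIP" under "Goals" can be filled in from the "Notes" bullet right below it, which already states the intended outcome: scan files manually or on a schedule rather than keep `clamd` running. In the same bullet, "`clamd` is only if you're running a mail server" is missing a word (probably "needed") and is worth fixing while this section is being touched.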
@@ -2072,6 +2087,8 @@ sudo aideinit -y -f
- You can use the `-i` switch to only print infected files.
- Check `clamscan`'s `man` pages for other switches/options.
([Table of Contents](#table-of-contents))
### logwatch - system log analyzer and reporter
#### Why