Basic iptables Firewall

The iptables software is a user space application for configuring packet filtering in the Linux kernel. iptables is used to set rules for packets that travel through a host’s network stack and at certain points, called hooks, the iptables rules are evaluated and actions, such as dropping a packet, can be executed. In this post […]

SSH Server Hardening

The following is a list of things that can, and probably should, be done in order to secure an OpenSSH server. This list isn’t necessarily complete, but what is here can significantly improve the server’s defenses against attackers.

Preventing SSH Known Hosts Enabled Island Hopping

Upon connecting to an OpenSSH server, the server sends its public key to the client so that the user on the client side can verify that the server they are trying to connect to is indeed the server they expect it to be (and not an attacker spoofing the desired SSH server). Once initially verified, […]

Protecting Against SSH Server Spoofing

To defend against SSH server spoofing – where an attacker sets up an SSH server and masquerades as another in order to capture users’ login credentials – every SSH server has a unique public key that can be utilized to verify that servers identity. This key is located in the /etc/ssh/ directory, and is used […]