René's URL Explorer Experiment

Title: GitHub - objects/How-To-Secure-A-Linux-Server: An evolving how-to guide for securing a Linux server.

Open Graph Title: GitHub - objects/How-To-Secure-A-Linux-Server: An evolving how-to guide for securing a Linux server.

X Title: GitHub - objects/How-To-Secure-A-Linux-Server: An evolving how-to guide for securing a Linux server.

Description: An evolving how-to guide for securing a Linux server. - objects/How-To-Secure-A-Linux-Server

Open Graph Description: An evolving how-to guide for securing a Linux server. - objects/How-To-Secure-A-Linux-Server

X Description: An evolving how-to guide for securing a Linux server. - objects/How-To-Secure-A-Linux-Server

Opengraph URL: https://github.com/objects/How-To-Secure-A-Linux-Server

X: @github

direct link

Domain: patch-diff.githubusercontent.com

route-pattern	/:user_id/:repository
route-controller	files
route-action	disambiguate
fetch-nonce	v2:0c21fb31-f691-b72a-d625-04cd7f56eee1
current-catalog-service-hash	f3abb0cc802f3d7b95fc8762b94bdcb13bf39634c40c357301c4aa1d67a256fb
request-id	EE3C:959DF:90999A:BBEB02:6976908C
html-safe-nonce	41273027ad512e42b9ff3903023716165d6742f274e469ffbfccc868794b4a63
visitor-payload	eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJFRTNDOjk1OURGOjkwOTk5QTpCQkVCMDI6Njk3NjkwOEMiLCJ2aXNpdG9yX2lkIjoiMzgzNjgxMDA5NTUyODg3OTQ5IiwicmVnaW9uX2VkZ2UiOiJpYWQiLCJyZWdpb25fcmVuZGVyIjoiaWFkIn0=
visitor-hmac	8602ce6fcc4ce18fb08f2e014e999342cffb8b295f07be9050333787da56e41c
hovercard-subject-tag	repository:642617654
github-keyboard-shortcuts	repository,copilot
google-site-verification	Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-url	https://collector.github.com/github/collect
analytics-location	//
fb:app_id	1401488693436528
apple-itunes-app	app-id=1477376905, app-argument=https://github.com/objects/How-To-Secure-A-Linux-Server
twitter:image	https://opengraph.githubassets.com/bf544d1e00d61f56df786b7155e5b80c1fc7470a97fbab5214e581e7a40b6263/objects/How-To-Secure-A-Linux-Server
twitter:card	summary_large_image
og:image	https://opengraph.githubassets.com/bf544d1e00d61f56df786b7155e5b80c1fc7470a97fbab5214e581e7a40b6263/objects/How-To-Secure-A-Linux-Server
og:image:alt	An evolving how-to guide for securing a Linux server. - objects/How-To-Secure-A-Linux-Server
og:image:width	1200
og:image:height	600
og:site_name	GitHub
og:type	object
hostname	github.com
expected-hostname	github.com
None	032152924a283b83384255d9489e7b93b54ba01da8d380b05ecd3953b3212411
turbo-cache-control	no-preview
go-import	github.com/objects/How-To-Secure-A-Linux-Server git https://github.com/objects/How-To-Secure-A-Linux-Server.git
octolytics-dimension-user_id	935902
octolytics-dimension-user_login	objects
octolytics-dimension-repository_id	642617654
octolytics-dimension-repository_nwo	objects/How-To-Secure-A-Linux-Server
octolytics-dimension-repository_public	true
octolytics-dimension-repository_is_fork	true
octolytics-dimension-repository_parent_id	169839893
octolytics-dimension-repository_parent_nwo	imthenachoman/How-To-Secure-A-Linux-Server
octolytics-dimension-repository_network_root_id	169839893
octolytics-dimension-repository_network_root_nwo	imthenachoman/How-To-Secure-A-Linux-Server
turbo-body-classes	logged-out env-production page-responsive
disable-turbo	false
browser-stats-url	https://api.github.com/_private/browser/stats
browser-errors-url	https://api.github.com/_private/browser/errors
release	5b577f6be6482e336e3c30e8daefa30144947b17
ui-target	full
theme-color	#1e2327
color-scheme	light dark

Links:

Skip to content	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#start-of-content
	https://patch-diff.githubusercontent.com/
Sign in	https://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2Fobjects%2FHow-To-Secure-A-Linux-Server
GitHub CopilotWrite better code with AI	https://github.com/features/copilot
GitHub SparkBuild and deploy intelligent apps	https://github.com/features/spark
GitHub ModelsManage and compare prompts	https://github.com/features/models
MCP RegistryNewIntegrate external tools	https://github.com/mcp
ActionsAutomate any workflow	https://github.com/features/actions
CodespacesInstant dev environments	https://github.com/features/codespaces
IssuesPlan and track work	https://github.com/features/issues
Code ReviewManage code changes	https://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilities	https://github.com/security/advanced-security
Code securitySecure your code as you build	https://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they start	https://github.com/security/advanced-security/secret-protection
Why GitHub	https://github.com/why-github
Documentation	https://docs.github.com
Blog	https://github.blog
Changelog	https://github.blog/changelog
Marketplace	https://github.com/marketplace
View all features	https://github.com/features
Enterprises	https://github.com/enterprise
Small and medium teams	https://github.com/team
Startups	https://github.com/enterprise/startups
Nonprofits	https://github.com/solutions/industry/nonprofits
App Modernization	https://github.com/solutions/use-case/app-modernization
DevSecOps	https://github.com/solutions/use-case/devsecops
DevOps	https://github.com/solutions/use-case/devops
CI/CD	https://github.com/solutions/use-case/ci-cd
View all use cases	https://github.com/solutions/use-case
Healthcare	https://github.com/solutions/industry/healthcare
Financial services	https://github.com/solutions/industry/financial-services
Manufacturing	https://github.com/solutions/industry/manufacturing
Government	https://github.com/solutions/industry/government
View all industries	https://github.com/solutions/industry
View all solutions	https://github.com/solutions
AI	https://github.com/resources/articles?topic=ai
Software Development	https://github.com/resources/articles?topic=software-development
DevOps	https://github.com/resources/articles?topic=devops
Security	https://github.com/resources/articles?topic=security
View all topics	https://github.com/resources/articles
Customer stories	https://github.com/customer-stories
Events & webinars	https://github.com/resources/events
Ebooks & reports	https://github.com/resources/whitepapers
Business insights	https://github.com/solutions/executive-insights
GitHub Skills	https://skills.github.com
Documentation	https://docs.github.com
Customer support	https://support.github.com
Community forum	https://github.com/orgs/community/discussions
Trust center	https://github.com/trust-center
Partners	https://github.com/partners
GitHub SponsorsFund open source developers	https://github.com/sponsors
Security Lab	https://securitylab.github.com
Maintainer Community	https://maintainers.github.com
Accelerator	https://github.com/accelerator
Archive Program	https://archiveprogram.github.com
Topics	https://github.com/topics
Trending	https://github.com/trending
Collections	https://github.com/collections
Enterprise platformAI-powered developer platform	https://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security features	https://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI features	https://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 support	https://github.com/premium-support
Pricing	https://github.com/pricing
Search syntax tips	https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentation	https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in	https://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2Fobjects%2FHow-To-Secure-A-Linux-Server
Sign up	https://patch-diff.githubusercontent.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E&source=header-repo&source_repo=objects%2FHow-To-Secure-A-Linux-Server
Reload	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server
Reload	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server
Reload	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server
objects	https://patch-diff.githubusercontent.com/objects
How-To-Secure-A-Linux-Server	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server
imthenachoman/How-To-Secure-A-Linux-Server	https://patch-diff.githubusercontent.com/imthenachoman/How-To-Secure-A-Linux-Server
Notifications	https://patch-diff.githubusercontent.com/login?return_to=%2Fobjects%2FHow-To-Secure-A-Linux-Server
Fork 0	https://patch-diff.githubusercontent.com/login?return_to=%2Fobjects%2FHow-To-Secure-A-Linux-Server
Star 1	https://patch-diff.githubusercontent.com/login?return_to=%2Fobjects%2FHow-To-Secure-A-Linux-Server
CC-BY-SA-4.0 license	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/blob/master/LICENSE.txt
1 star	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/stargazers
1.6k forks	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/forks
Branches	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/branches
Tags	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/tags
Activity	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/activity
Star	https://patch-diff.githubusercontent.com/login?return_to=%2Fobjects%2FHow-To-Secure-A-Linux-Server
Notifications	https://patch-diff.githubusercontent.com/login?return_to=%2Fobjects%2FHow-To-Secure-A-Linux-Server
Code	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server
Pull requests 0	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/pulls
Actions	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/actions
Projects 0	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/projects
Security 0	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/security
Insights	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/pulse
Code	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server
Pull requests	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/pulls
Actions	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/actions
Projects	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/projects
Security	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/security
Insights	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/pulse
Branches	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/branches
Tags	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/tags
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/branches
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/tags
254 Commits	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/commits/master/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/commits/master/
LICENSE.txt	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/blob/master/LICENSE.txt
LICENSE.txt	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/blob/master/LICENSE.txt
README.md	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/blob/master/README.md
README.md	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/blob/master/README.md
linux-kernel-sysctl-hardening.md	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/blob/master/linux-kernel-sysctl-hardening.md
linux-kernel-sysctl-hardening.md	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/blob/master/linux-kernel-sysctl-hardening.md
nginx.md	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/blob/master/nginx.md
nginx.md	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/blob/master/nginx.md
README	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server
License	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#how-to-secure-a-linux-server
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#license
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
Introduction	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#introduction
Guide Objective	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#guide-objective
Why Secure Your Server	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-secure-your-server
Why Yet Another Guide	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-yet-another-guide
Other Guides	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#other-guides
To Do / To Add	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#to-do--to-add
Guide Overview	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#guide-overview
About This Guide	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#about-this-guide
My Use-Case	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#my-use-case
Editing Configuration Files - For The Lazy	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
Contributing	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#contributing
Before You Start	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#before-you-start
Identify Your Principles	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#identify-your-principles
Picking A Linux Distribution	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#picking-a-linux-distribution
Installing Linux	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#installing-linux
Pre/Post Installation Requirements	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#prepost-installation-requirements
Other Important Notes	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#other-important-notes
Using Ansible Playbooks to secure your Linux Server	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#using-ansible-playbooks-to-secure-your-linux-server
The SSH Server	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#the-ssh-server
Important Note Before You Make SSH Changes	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#important-note-before-you-make-ssh-changes
SSH Public/Private Keys	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#ssh-publicprivate-keys
Create SSH Group For AllowGroups	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#create-ssh-group-for-allowgroups
Secure /etc/ssh/sshd_config	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#secure-etcsshsshd_config
Remove Short Diffie-Hellman Keys	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#remove-short-diffie-hellman-keys
2FA/MFA for SSH	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#2famfa-for-ssh
The Basics	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#the-basics
Limit Who Can Use sudo	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#limit-who-can-use-sudo
Limit Who Can Use su	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#limit-who-can-use-su
Run applications in a sandbox with FireJail	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#run-applications-in-a-sandbox-with-firejail
NTP Client	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#ntp-client
Securing /proc	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#securing-proc
Force Accounts To Use Secure Passwords	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#force-accounts-to-use-secure-passwords
Automatic Security Updates and Alerts	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#automatic-security-updates-and-alerts
More Secure Random Entropy Pool (WIP)	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#more-secure-random-entropy-pool-wip
Add Panic/Secondary/Fake password Login Security System	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#add-panic-secondary-fake-password-login-security-system
The Network	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#the-network
Firewall With UFW (Uncomplicated Firewall)	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#firewall-with-ufw-uncomplicated-firewall
iptables Intrusion Detection And Prevention with PSAD	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#iptables-intrusion-detection-and-prevention-with-psad
Application Intrusion Detection And Prevention With Fail2Ban	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#application-intrusion-detection-and-prevention-with-fail2ban
Application Intrusion Detection And Prevention With CrowdSec	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#application-intrusion-detection-and-prevention-with-crowdsec
The Auditing	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#the-auditing
File/Folder Integrity Monitoring With AIDE (WIP)	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#filefolder-integrity-monitoring-with-aide-wip
Anti-Virus Scanning With ClamAV (WIP)	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#anti-virus-scanning-with-clamav-wip
Rootkit Detection With Rkhunter (WIP)	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#rootkit-detection-with-rkhunter-wip
Rootkit Detection With chrootkit (WIP)	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#rootkit-detection-with-chrootkit-wip
logwatch - system log analyzer and reporter	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#logwatch---system-log-analyzer-and-reporter
ss - Seeing Ports Your Server Is Listening On	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#ss---seeing-ports-your-server-is-listening-on
Lynis - Linux Security Auditing	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#lynis---linux-security-auditing
OSSEC - Host Intrusion Detection	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#ossec---host-intrusion-detection
The Danger Zone	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#the-danger-zone
The Miscellaneous	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#the-miscellaneous
MSMTP (Simple Sendmail) with Google	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#msmtp-alternative
Gmail and Exim4 As MTA With Implicit TLS	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#gmail-and-exim4-as-mta-with-implicit-tls
Separate iptables Log File	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#separate-iptables-log-file
Left Over	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#left-over
Contacting Me	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#contacting-me
Helpful Links	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#helpful-links
Acknowledgments	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#acknowledgments
License and Copyright	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#license-and-copyright
nGitHubTOC	https://imthenachoman.github.io/nGitHubTOC/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#introduction
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#guide-objective
contribute	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#contributing
How To Secure A Linux Server With Ansible	https://github.com/moltenbit/How-To-Secure-A-Linux-Server-With-Ansible
moltenbit	https://github.com/moltenbit
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-secure-your-server
lock you out of your data for money	https://en.wikipedia.org/wiki/Ransomware
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-yet-another-guide
how to secure Linux	https://duckduckgo.com/?q=how+to+secure+linux&t=ffab&atb=v151-7&ia=web
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#other-guides
Center for Internet Security (CIS)	https://www.cisecurity.org/
benchmarks	https://www.cisecurity.org/cis-benchmarks/
About Us	https://www.cisecurity.org/about-us/
https://security.utexas.edu/os-hardening-checklist/linux-7	https://security.utexas.edu/os-hardening-checklist/linux-7
https://cloudpro.zone/index.php/2018/01/18/debian-9-3-server-setup-guide-part-1/	https://cloudpro.zone/index.php/2018/01/18/debian-9-3-server-setup-guide-part-1/
https://blog.vigilcode.com/2011/04/ubuntu-server-initial-security-quick-secure-setup-part-i/	https://blog.vigilcode.com/2011/04/ubuntu-server-initial-security-quick-secure-setup-part-i/
https://www.tldp.org/LDP/sag/html/index.html	https://www.tldp.org/LDP/sag/html/index.html
https://seifried.org/lasg/	https://seifried.org/lasg/
https://news.ycombinator.com/item?id=19178964	https://news.ycombinator.com/item?id=19178964
https://wiki.archlinux.org/index.php/Security	https://wiki.archlinux.org/index.php/Security
https://securecompliance.co/linux-server-hardening-checklist/	https://securecompliance.co/linux-server-hardening-checklist/
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#to-do--to-add
Custom Jails for Fail2ban	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#custom-jails
https://wiki.archlinux.org/index.php/security#Mandatory_access_control	https://wiki.archlinux.org/index.php/security#Mandatory_access_control
https://en.wikipedia.org/wiki/Security-Enhanced_Linux	https://en.wikipedia.org/wiki/Security-Enhanced_Linux
https://linuxtechlab.com/beginners-guide-to-selinux/	https://linuxtechlab.com/beginners-guide-to-selinux/
https://linuxtechlab.com/replicate-selinux-policies-among-linux-machines/	https://linuxtechlab.com/replicate-selinux-policies-among-linux-machines/
https://teamignition.us/how-to-stop-being-a-scrub-and-learn-to-use-selinux.html	https://teamignition.us/how-to-stop-being-a-scrub-and-learn-to-use-selinux.html
https://wiki.archlinux.org/index.php/AppArmor	https://wiki.archlinux.org/index.php/AppArmor
https://security.stackexchange.com/questions/29378/comparison-between-apparmor-and-selinux	https://security.stackexchange.com/questions/29378/comparison-between-apparmor-and-selinux
http://www.insanitybit.com/2012/06/01/why-i-like-apparmor-more-than-selinux-5/	http://www.insanitybit.com/2012/06/01/why-i-like-apparmor-more-than-selinux-5/
http://www.chkrootkit.org/	http://www.chkrootkit.org/
http://rkhunter.sourceforge.net/	http://rkhunter.sourceforge.net/
https://www.cyberciti.biz/faq/howto-check-linux-rootkist-with-detectors-software/	https://www.cyberciti.biz/faq/howto-check-linux-rootkist-with-detectors-software/
https://www.tecmint.com/install-rootkit-hunter-scan-for-rootkits-backdoors-in-linux/	https://www.tecmint.com/install-rootkit-hunter-scan-for-rootkits-backdoors-in-linux/
https://news.ycombinator.com/item?id=19178681	https://news.ycombinator.com/item?id=19178681
https://learn.cisecurity.org/cis-cat-landing-page	https://learn.cisecurity.org/cis-cat-landing-page
https://blog.sleeplessbeastie.eu/2015/03/02/how-to-verify-installed-packages/	https://blog.sleeplessbeastie.eu/2015/03/02/how-to-verify-installed-packages/
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#guide-overview
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#about-this-guide
install Linux	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#installing-linux
https://linuxjourney.com/	https://linuxjourney.com/
Linux distribution agnostic	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#picking-a-linux-distribution
text editor	https://notepad-plus-plus.org/
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#my-use-case
NAT	https://en.wikipedia.org/wiki/Network_address_translation
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
INI	https://en.wikipedia.org/wiki/INI_file
favorite	https://en.wikipedia.org/wiki/Vi
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#contributing
GitHub	http://www.github.com
new issue	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/issues/new
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#before-you-start
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#identify-your-principles
threat model	https://en.wikipedia.org/wiki/Threat_model
disabled root login	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#disable-root-login
password protected GRUB	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#password-protect-grub
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#picking-a-linux-distribution
any distribution	https://distrowatch.com/
unattended upgrade	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#automatic-security-updates-and-alerts
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#installing-linux
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#prepost-installation-requirements
Gmail and Exim4 As MTA With Implicit TLS	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#gmail-and-exim4-as-mta-with-implicit-tls
CIS Benchmarks	https://www.cisecurity.org/cis-benchmarks/
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#other-important-notes
contact me	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#contacting-me
Debian based distributions	https://www.debian.org/derivatives/
provide	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#contributing
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#using-ansible-playbooks-to-secure-your-linux-server
How To Secure A Linux Server With Ansible	https://github.com/moltenbit/How-To-Secure-A-Linux-Server-With-Ansible
Ansible	https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html
How To Secure A Linux Server With Ansible	https://github.com/moltenbit/How-To-Secure-A-Linux-Server-With-Ansible
Create SSH-Public/Private-Keys	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server#ssh-publicprivate-keys
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#the-ssh-server
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#important-note-before-you-make-ssh-changes
Sonnenbrand	https://github.com/Sonnenbrand
idea	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/issues/56
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#ssh-publicprivate-keys
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#how-it-works
ssh-copy-id	https://www.ssh.com/ssh/copy-id
Digital Ocean	https://www.digitalocean.com/community/tutorials/understanding-the-ssh-encryption-and-connection-process
PasswordAuthentication no in /etc/ssh/sshd_config	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#PasswordAuthentication
https://linux-audit.com/	https://linux-audit.com/using-ed25519-openssh-keys-instead-of-dsa-rsa-ecdsa/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#notes
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references
https://www.ssh.com/ssh/public-key-authentication	https://www.ssh.com/ssh/public-key-authentication
https://help.ubuntu.com/community/SSH/OpenSSH/Keys	https://help.ubuntu.com/community/SSH/OpenSSH/Keys
https://linux-audit.com/using-ed25519-openssh-keys-instead-of-dsa-rsa-ecdsa/	https://linux-audit.com/using-ed25519-openssh-keys-instead-of-dsa-rsa-ecdsa/
https://www.digitalocean.com/community/tutorials/understanding-the-ssh-encryption-and-connection-process	https://www.digitalocean.com/community/tutorials/understanding-the-ssh-encryption-and-connection-process
https://wiki.archlinux.org/index.php/SSH_Keys	https://wiki.archlinux.org/index.php/SSH_Keys
https://www.ssh.com/ssh/copy-id	https://www.ssh.com/ssh/copy-id
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps
Ed25519	https://linux-audit.com/using-ed25519-openssh-keys-instead-of-dsa-rsa-ecdsa/
MIM	https://en.wikipedia.org/wiki/Man-in-the-middle_attack
perform any tasks specific to your setup	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#prepost-installation-requirements
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#create-ssh-group-for-allowgroups
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-1
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#how-it-works-1
AllowGroups option	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#AllowGroups
/etc/ssh/sshd_config	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#secure-etcsshsshd_config
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-1
Secure /etc/ssh/sshd_config	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#secure-etcsshsshd_config
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#notes-1
Secure /etc/ssh/sshd_config	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#secure-etcsshsshd_config
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-1
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-1
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#secure-etcsshsshd_config
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-2
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#how-it-works-2
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-2
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#notes-2
Create SSH Group For AllowGroups	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#create-ssh-group-for-allowgroups
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-2
https://infosec.mozilla.org/guidelines/openssh#modern-openssh-67	https://infosec.mozilla.org/guidelines/openssh#modern-openssh-67
https://linux-audit.com/audit-and-harden-your-ssh-configuration/	https://linux-audit.com/audit-and-harden-your-ssh-configuration/
https://www.ssh.com/ssh/sshd_config/	https://www.ssh.com/ssh/sshd_config/
https://www.techbrown.com/harden-ssh-secure-linux-vps-server/	https://www.techbrown.com/harden-ssh-secure-linux-vps-server/
http://web.archive.org/web/20200413100933/https://www.techbrown.com/harden-ssh-secure-linux-vps-server/	http://web.archive.org/web/20200413100933/https://www.techbrown.com/harden-ssh-secure-linux-vps-server/
https://serverfault.com/questions/660160/openssh-difference-between-internal-sftp-and-sftp-server/660325	https://serverfault.com/questions/660160/openssh-difference-between-internal-sftp-and-sftp-server/660325
than0s	https://github.com/than0s
how to find duplicate settings	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/issues/38
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-2
Issue #1	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/issues/1
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#remove-short-diffie-hellman-keys
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-3
Mozilla's OpenSSH guidelines for OpenSSH 6.7+	https://infosec.mozilla.org/guidelines/openssh#modern-openssh-67
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-3
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-3
https://infosec.mozilla.org/guidelines/openssh#modern-openssh-67	https://infosec.mozilla.org/guidelines/openssh#modern-openssh-67
https://infosec.mozilla.org/guidelines/key_management	https://infosec.mozilla.org/guidelines/key_management
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-3
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#2famfa-for-ssh
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-4
Fail2ban	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#fail2ban-application-intrusion-detection-and-prevention
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-not
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#how-it-works-3
https://en.wikipedia.org/wiki/Linux_PAM	https://en.wikipedia.org/wiki/Linux_PAM
TOTP	https://en.wikipedia.org/wiki/Time-based_One-time_Password_algorithm
https://fastmail.blog/2016/07/22/how-totp-authenticator-apps-work/	https://fastmail.blog/2016/07/22/how-totp-authenticator-apps-work/
https://jemurai.com/2018/10/11/how-it-works-totp-based-mfa/	https://jemurai.com/2018/10/11/how-it-works-totp-based-mfa/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-4
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#notes-3
google-authenticator-libpam	https://github.com/google/google-authenticator-libpam
SSH public/private keys	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#ssh-publicprivate-keys
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-4
https://github.com/google/google-authenticator-libpam	https://github.com/google/google-authenticator-libpam
https://en.wikipedia.org/wiki/Linux_PAM	https://en.wikipedia.org/wiki/Linux_PAM
https://en.wikipedia.org/wiki/Time-based_One-time_Password_algorithm	https://en.wikipedia.org/wiki/Time-based_One-time_Password_algorithm
https://fastmail.blog/2016/07/22/how-totp-authenticator-apps-work/	https://fastmail.blog/2016/07/22/how-totp-authenticator-apps-work/
https://jemurai.com/2018/10/11/how-it-works-totp-based-mfa/	https://jemurai.com/2018/10/11/how-it-works-totp-based-mfa/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-4
here	https://github.com/google/google-authenticator-libpam/blob/master/README.md#nullok
For the lazy	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
For the lazy	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#the-basics
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#limit-who-can-use-sudo
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-5
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-5
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#notes-4
imthenachoman#39	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/issues/39
sbrl	https://github.com/sbrl
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-5
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#limit-who-can-use-su
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-6
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-6
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-5
olavim	https://github.com/olavim
this idea	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/issues/41
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-6
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#run-applications-in-a-sandbox-with-firejail
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-7
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-7
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-6
FireJail	https://firejail.wordpress.com/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-7
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#ntp-client
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-8
global NTP servers	https://en.wikipedia.org/wiki/Network_Time_Protocol
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#how-it-works-4
https://www.pool.ntp.org/en/	https://www.pool.ntp.org/en/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-8
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-7
https://cloudpro.zone/index.php/2018/01/27/debian-9-3-server-setup-guide-part-4/	https://cloudpro.zone/index.php/2018/01/27/debian-9-3-server-setup-guide-part-4/
https://en.wikipedia.org/wiki/Network_Time_Protocol	https://en.wikipedia.org/wiki/Network_Time_Protocol
https://www.pool.ntp.org/en/	https://www.pool.ntp.org/en/
https://serverfault.com/questions/957302/securing-hardening-ntp-client-on-linux-servers-config-file/957450#957450	https://serverfault.com/questions/957302/securing-hardening-ntp-client-on-linux-servers-config-file/957450#957450
https://tf.nist.gov/tf-cgi/servers.cgi	https://tf.nist.gov/tf-cgi/servers.cgi
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-8
For the lazy	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#securing-proc
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-9
https://linux-audit.com/linux-system-hardening-adding-hidepid-to-proc/	https://linux-audit.com/linux-system-hardening-adding-hidepid-to-proc/
imthenachoman#37	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/issues/37
nlgranger	https://github.com/nlgranger
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-9
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-8
https://linux-audit.com/linux-system-hardening-adding-hidepid-to-proc/	https://linux-audit.com/linux-system-hardening-adding-hidepid-to-proc/
https://likegeeks.com/secure-linux-server-hardening-best-practices/#Hardening-proc-Directory	https://likegeeks.com/secure-linux-server-hardening-best-practices/#Hardening-proc-Directory
https://www.cyberciti.biz/faq/linux-hide-processes-from-other-users/	https://www.cyberciti.biz/faq/linux-hide-processes-from-other-users/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-9
For the lazy	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#force-accounts-to-use-secure-passwords
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-10
pwquality	https://linux.die.net/man/5/pwquality.conf
pam_pwquality	https://linux.die.net/man/8/pam_pwquality
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#how-it-works-5
https://en.wikipedia.org/wiki/Linux_PAM	https://en.wikipedia.org/wiki/Linux_PAM
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-10
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-10
For the lazy	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#automatic-security-updates-and-alerts
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-11
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-not-1
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#notes-5
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-11
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#debian-based-systems
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#how-it-works-6
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-9
https://wiki.debian.org/UnattendedUpgrades	https://wiki.debian.org/UnattendedUpgrades
https://debian-handbook.info/browse/stable/sect.regular-upgrades.html	https://debian-handbook.info/browse/stable/sect.regular-upgrades.html
https://blog.sleeplessbeastie.eu/2015/01/02/how-to-perform-unattended-upgrades/	https://blog.sleeplessbeastie.eu/2015/01/02/how-to-perform-unattended-upgrades/
https://www.vultr.com/docs/how-to-set-up-unattended-upgrades-on-debian-9-stretch	https://www.vultr.com/docs/how-to-set-up-unattended-upgrades-on-debian-9-stretch
https://github.com/mvo5/unattended-upgrades	https://github.com/mvo5/unattended-upgrades
https://wiki.debian.org/UnattendedUpgrades#apt-listchanges	https://wiki.debian.org/UnattendedUpgrades#apt-listchanges
https://www.cyberciti.biz/faq/apt-get-apticron-send-email-upgrades-available/	https://www.cyberciti.biz/faq/apt-get-apticron-send-email-upgrades-available/
https://www.unixmen.com/how-to-get-email-notifications-for-new-updates-on-debianubuntu/	https://www.unixmen.com/how-to-get-email-notifications-for-new-updates-on-debianubuntu/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-11
https://github.com/mvo5/unattended-upgrades	https://github.com/mvo5/unattended-upgrades
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#more-secure-random-entropy-pool-wip
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-12
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#how-it-works-7
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-12
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-10
branneman	https://github.com/branneman
issue #33	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/issues/33
https://hackaday.com/2017/11/02/what-is-entropy-and-how-do-i-get-more-of-it/	https://hackaday.com/2017/11/02/what-is-entropy-and-how-do-i-get-more-of-it/
https://www.2uo.de/myths-about-urandom	https://www.2uo.de/myths-about-urandom
https://www.gnu.org/software/hurd/user/tlecarrour/rng-tools.html	https://www.gnu.org/software/hurd/user/tlecarrour/rng-tools.html
https://wiki.archlinux.org/index.php/Rng-tools	https://wiki.archlinux.org/index.php/Rng-tools
https://www.howtoforge.com/helping-the-random-number-generator-to-gain-enough-entropy-with-rng-tools-debian-lenny	https://www.howtoforge.com/helping-the-random-number-generator-to-gain-enough-entropy-with-rng-tools-debian-lenny
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/sect-security_guide-encryption-using_the_random_number_generator	https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/sect-security_guide-encryption-using_the_random_number_generator
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-12
For the lazy	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/sect-security_guide-encryption-using_the_random_number_generator	https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/sect-security_guide-encryption-using_the_random_number_generator
https://wiki.archlinux.org/index.php/Rng-tools	https://wiki.archlinux.org/index.php/Rng-tools
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#add-panicsecondaryfake-password-login-security-system
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-13
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#how-it-works-8
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-13
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-11
nuvious	https://github.com/nuvious/pam-duress
hellresistor	https://gist.github.com/hellresistor/a4c542415a2d437e21afc235260d2366
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-13
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#the-network
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#firewall-with-ufw-uncomplicated-firewall
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-14
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#how-it-works-9
iptables	https://en.wikipedia.org/wiki/Iptables
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-14
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#notes-6
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-12
https://launchpad.net/ufw	https://launchpad.net/ufw
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-14
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#default-applications
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#custom-application
Plex	https://support.plex.tv/articles/201543147-what-network-ports-do-i-need-to-allow-through-my-firewall/
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#iptables-intrusion-detection-and-prevention-with-psad
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-15
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#how-it-works-10
FINESEC	https://serverfault.com/users/143961/finesec
https://serverfault.com/	https://serverfault.com/
https://serverfault.com/a/447604/289829	https://serverfault.com/a/447604/289829
UFW	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#ufw-uncomplicated-firewall
netson	https://gist.github.com/netson
https://gist.github.com/netson/c45b2dc4e835761fbccc	https://gist.github.com/netson/c45b2dc4e835761fbccc
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-13
http://www.cipherdyne.org/psad/	http://www.cipherdyne.org/psad/
http://www.cipherdyne.org/psad/docs/config.html	http://www.cipherdyne.org/psad/docs/config.html
https://www.thefanclub.co.za/how-to/how-install-psad-intrusion-detection-ubuntu-1204-lts-server	https://www.thefanclub.co.za/how-to/how-install-psad-intrusion-detection-ubuntu-1204-lts-server
https://serverfault.com/a/447604/289829	https://serverfault.com/a/447604/289829
https://serverfault.com/a/770424/289829	https://serverfault.com/a/770424/289829
https://gist.github.com/netson/c45b2dc4e835761fbccc	https://gist.github.com/netson/c45b2dc4e835761fbccc
moltenbit	https://github.com/moltenbit
#61	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/issues/61
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-15
EMAIL_ADDRESSES	http://www.cipherdyne.org/psad/docs/config.html#EMAIL_ADDRESSES
ENABLE_AUTO_IDS	http://www.cipherdyne.org/psad/docs/config.html#ENABLE_AUTO_IDS
http://www.cipherdyne.org/psad/docs/config.html	http://www.cipherdyne.org/psad/docs/config.html
seperating iptables logs to their own file	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#ns-separate-iptables-log-file
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#application-intrusion-detection-and-prevention-with-fail2ban
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-16
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#how-it-works-11
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-15
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#notes-7
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-14
https://www.fail2ban.org/	https://www.fail2ban.org/
https://blog.vigilcode.com/2011/05/ufw-with-fail2ban-quick-secure-setup-part-ii/	https://blog.vigilcode.com/2011/05/ufw-with-fail2ban-quick-secure-setup-part-ii/
https://dodwell.us/security/ufw-fail2ban-portscan.html	https://dodwell.us/security/ufw-fail2ban-portscan.html
https://www.howtoforge.com/community/threads/fail2ban-and-ufw-on-debian.77261/	https://www.howtoforge.com/community/threads/fail2ban-and-ufw-on-debian.77261/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-16
For the lazy	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#custom-jails
contribute	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#contributing
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#unban-an-ip
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#application-intrusion-detection-and-prevention-with-crowdsec
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-17
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#how-it-works-12
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-16
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#notes-8
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-15
https://www.crowdsec.net/	https://www.crowdsec.net/
Read how CrowdSec curates the Community Blocklist	https://www.crowdsec.net/our-data
Read what threat intelligence is shared with CrowdSec	https://docs.crowdsec.net/docs/next/central_api/intro#signal-meta-data
https://docs.crowdsec.net/	https://docs.crowdsec.net/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-17
here	https://docs.crowdsec.net/u/getting_started/installation/linux
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#unban-an-ip-1
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#the-auditing
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#filefolder-integrity-monitoring-with-aide-wip
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-18
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#how-it-works-13
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-17
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-16
https://aide.github.io/	https://aide.github.io/
https://www.hiroom2.com/2017/06/09/debian-8-file-integrity-check-with-aide/	https://www.hiroom2.com/2017/06/09/debian-8-file-integrity-check-with-aide/
https://blog.rapid7.com/2017/06/30/how-to-install-and-configure-aide-on-ubuntu-linux/	https://blog.rapid7.com/2017/06/30/how-to-install-and-configure-aide-on-ubuntu-linux/
https://www.stephenrlang.com/2016/03/using-aide-for-file-integrity-monitoring-fim-on-ubuntu/	https://www.stephenrlang.com/2016/03/using-aide-for-file-integrity-monitoring-fim-on-ubuntu/
https://www.howtoforge.com/how-to-configure-the-aide-advanced-intrusion-detection-environment-file-integrity-scanner-for-your-website	https://www.howtoforge.com/how-to-configure-the-aide-advanced-intrusion-detection-environment-file-integrity-scanner-for-your-website
https://www.tecmint.com/check-integrity-of-file-and-directory-using-aide-in-linux/	https://www.tecmint.com/check-integrity-of-file-and-directory-using-aide-in-linux/
https://www.cyberciti.biz/faq/debian-ubuntu-linux-software-integrity-checking-with-aide/	https://www.cyberciti.biz/faq/debian-ubuntu-linux-software-integrity-checking-with-aide/
imthenachoman#83	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/issues/83
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-18
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#updating-the-database
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#anti-virus-scanning-with-clamav-wip
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-19
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#how-it-works-14
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-18
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#notes-9
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-17
https://www.clamav.net/documents/installation-on-debian-and-ubuntu-linux-distributions	https://www.clamav.net/documents/installation-on-debian-and-ubuntu-linux-distributions
https://wiki.debian.org/ClamAV	https://wiki.debian.org/ClamAV
https://www.osradar.com/install-clamav-debian-9-ubuntu-18/	https://www.osradar.com/install-clamav-debian-9-ubuntu-18/
https://www.lisenet.com/2014/automate-clamav-to-perform-daily-system-scan-and-send-email-notifications-on-linux/	https://www.lisenet.com/2014/automate-clamav-to-perform-daily-system-scan-and-send-email-notifications-on-linux/
https://www.howtoforge.com/tutorial/configure-clamav-to-scan-and-notify-virus-and-malware/	https://www.howtoforge.com/tutorial/configure-clamav-to-scan-and-notify-virus-and-malware/
https://serverfault.com/questions/741299/is-there-a-way-to-keep-clamav-updated-on-debian-8	https://serverfault.com/questions/741299/is-there-a-way-to-keep-clamav-updated-on-debian-8
https://askubuntu.com/questions/250290/how-do-i-scan-for-viruses-with-clamav	https://askubuntu.com/questions/250290/how-do-i-scan-for-viruses-with-clamav
https://ngothang.com/how-to-install-clamav-and-configure-daily-scanning-on-centos/	https://ngothang.com/how-to-install-clamav-and-configure-daily-scanning-on-centos/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-19
https://serverfault.com/questions/741299/is-there-a-way-to-keep-clamav-updated-on-debian-8	https://serverfault.com/questions/741299/is-there-a-way-to-keep-clamav-updated-on-debian-8
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#scanning-filesfolders
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#rootkit-detection-with-rkhunter-wip
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-20
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#how-it-works-15
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-19
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-18
http://rkhunter.sourceforge.net/	http://rkhunter.sourceforge.net/
https://www.cyberciti.biz/faq/howto-check-linux-rootkist-with-detectors-software/	https://www.cyberciti.biz/faq/howto-check-linux-rootkist-with-detectors-software/
https://www.tecmint.com/install-rootkit-hunter-scan-for-rootkits-backdoors-in-linux/	https://www.tecmint.com/install-rootkit-hunter-scan-for-rootkits-backdoors-in-linux/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-20
https://www.tecmint.com/install-rootkit-hunter-scan-for-rootkits-backdoors-in-linux/	https://www.tecmint.com/install-rootkit-hunter-scan-for-rootkits-backdoors-in-linux/
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#rootkit-detection-with-chrootkit-wip
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-21
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#how-it-works-16
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-20
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-19
http://www.chkrootkit.org/	http://www.chkrootkit.org/
https://www.cyberciti.biz/faq/howto-check-linux-rootkist-with-detectors-software/	https://www.cyberciti.biz/faq/howto-check-linux-rootkist-with-detectors-software/
https://askubuntu.com/questions/258658/eth0-packet-sniffer-sbin-dhclient	https://askubuntu.com/questions/258658/eth0-packet-sniffer-sbin-dhclient
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-21
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#logwatch---system-log-analyzer-and-reporter
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-22
logwatch	https://sourceforge.net/projects/logwatch/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#how-it-works-17
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-21
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#notes-10
https://www.badpenguin.org/configure-logwatch-for-weekly-email-and-html-output-format	https://www.badpenguin.org/configure-logwatch-for-weekly-email-and-html-output-format
https://blog.dhampir.no/content/exim4-line-length-in-debian-stretch-mail-delivery-failed-returning-message-to-sender	https://blog.dhampir.no/content/exim4-line-length-in-debian-stretch-mail-delivery-failed-returning-message-to-sender
issue #29	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/issues/29
Gmail and Exim4 As MTA With Implicit TLS	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#gmail-and-exim4-as-mta-with-implicit-tls
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-20
amacheema	https://github.com/amacheema
issue #29	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/issues/29
https://sourceforge.net/projects/logwatch/	https://sourceforge.net/projects/logwatch/
https://www.digitalocean.com/community/tutorials/how-to-install-and-use-logwatch-log-analyzer-and-reporter-on-a-vps	https://www.digitalocean.com/community/tutorials/how-to-install-and-use-logwatch-log-analyzer-and-reporter-on-a-vps
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-22
For the lazy	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
https://blog.dhampir.no/content/exim4-line-length-in-debian-stretch-mail-delivery-failed-returning-message-to-sender	https://blog.dhampir.no/content/exim4-line-length-in-debian-stretch-mail-delivery-failed-returning-message-to-sender
issue #29	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/issues/29
Gmail and Exim4 As MTA With Implicit TLS	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#gmail-and-exim4-as-mta-with-implicit-tls
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#ss---seeing-ports-your-server-is-listening-on
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-23
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-22
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-21
https://www.reddit.com/r/linux/comments/arx7st/howtosecurealinuxserver_an_evolving_howto_guide/egrib6o/	https://www.reddit.com/r/linux/comments/arx7st/howtosecurealinuxserver_an_evolving_howto_guide/egrib6o/
https://www.reddit.com/r/linux/comments/arx7st/howtosecurealinuxserver_an_evolving_howto_guide/egs1rev/	https://www.reddit.com/r/linux/comments/arx7st/howtosecurealinuxserver_an_evolving_howto_guide/egs1rev/
https://www.tecmint.com/find-open-ports-in-linux/	https://www.tecmint.com/find-open-ports-in-linux/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-23
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#lynis---linux-security-auditing
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-24
https://cisofy.com/lynis/	https://cisofy.com/lynis/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-23
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#notes-11
https://packages.cisofy.com/	https://packages.cisofy.com/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-22
https://cisofy.com/documentation/lynis/get-started/	https://cisofy.com/documentation/lynis/get-started/
https://packages.cisofy.com/community/#debian-ubuntu	https://packages.cisofy.com/community/#debian-ubuntu
https://thelinuxcode.com/audit-lynis-ubuntu-server/	https://thelinuxcode.com/audit-lynis-ubuntu-server/
https://www.vultr.com/docs/install-lynis-on-debian-8	https://www.vultr.com/docs/install-lynis-on-debian-8
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-24
https://cisofy.com/lynis/#installation	https://cisofy.com/lynis/#installation
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#ossec---host-intrusion-detection
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-25
https://github.com/ossec/ossec-hids	https://github.com/ossec/ossec-hids
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-24
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-23
https://www.ossec.net/docs/	https://www.ossec.net/docs/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-25
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#the-danger-zone
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#proceed-at-your-own-risk
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents-1
Linux Kernel sysctl Hardening	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#linux-kernel-sysctl-hardening
Password Protect GRUB	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#password-protect-grub
Disable Root Login	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#disable-root-login
Change Default umask	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#change-default-umask
Orphaned Software	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#orphaned-software
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#linux-kernel-sysctl-hardening
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-26
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-not-2
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#disclaimer
let me know	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#contacting-me
For the lazy	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#notes-12
documentation I can find	https://github.com/torvalds/linux/tree/master/Documentation
let me know	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#contacting-me
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-24
https://github.com/torvalds/linux/tree/master/Documentation	https://github.com/torvalds/linux/tree/master/Documentation
https://www.cyberciti.biz/faq/linux-kernel-etcsysctl-conf-security-hardening/	https://www.cyberciti.biz/faq/linux-kernel-etcsysctl-conf-security-hardening/
https://geektnt.com/sysctl-conf-hardening.html	https://geektnt.com/sysctl-conf-hardening.html
https://linoxide.com/how-tos/linux-server-protection/	https://linoxide.com/how-tos/linux-server-protection/
https://github.com/klaver/sysctl/blob/master/sysctl.conf	https://github.com/klaver/sysctl/blob/master/sysctl.conf
https://cloudpro.zone/index.php/2018/01/30/debian-9-3-server-setup-guide-part-5/	https://cloudpro.zone/index.php/2018/01/30/debian-9-3-server-setup-guide-part-5/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-26
linux-kernel-sysctl-hardening.md	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/blob/master/linux-kernel-sysctl-hardening.md
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#password-protect-grub
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-27
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-not-3
some work	https://www.cyberciti.biz/tips/howto-recovering-grub-boot-loader-password.html
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-25
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#notes-13
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-25
https://selivan.github.io/2017/12/21/grub2-password-for-all-but-default-menu-entries.html	https://selivan.github.io/2017/12/21/grub2-password-for-all-but-default-menu-entries.html
https://help.ubuntu.com/community/Grub2/Passwords	https://help.ubuntu.com/community/Grub2/Passwords
https://computingforgeeks.com/how-to-protect-grub-with-password-on-debian-ubuntu-and-kali-linux/	https://computingforgeeks.com/how-to-protect-grub-with-password-on-debian-ubuntu-and-kali-linux/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-27
Password-Based Key Derivation Function 2 (PBKDF2)	https://en.wikipedia.org/wiki/PBKDF2
For the lazy	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#disable-root-login
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-28
configured properly	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#limit-who-can-use-sudo
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-not-4
sulogin	https://linux.die.net/man/8/sulogin
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-26
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#notes-14
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-26
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806852	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806852
systemd/systemd#7115	https://github.com/systemd/systemd/issues/7115
https://github.com/karelzak/util-linux/commit/7ff1162e67164cb4ece19dd809c26272461aa254	https://github.com/karelzak/util-linux/commit/7ff1162e67164cb4ece19dd809c26272461aa254
systemd/systemd#11596	https://github.com/systemd/systemd/issues/11596
https://www.reddit.com/r/selfhosted/comments/aoxd4l/new_guide_created_by_me_how_to_secure_a_linux/eg4rkfi/	https://www.reddit.com/r/selfhosted/comments/aoxd4l/new_guide_created_by_me_how_to_secure_a_linux/eg4rkfi/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-28
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#change-default-umask
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-29
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-not-5
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#how-it-works-18
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-27
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#notes-15
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-27
https://www.linuxnix.com/umask-define-linuxunix/	https://www.linuxnix.com/umask-define-linuxunix/
https://serverfault.com/questions/818783/which-umask-is-more-secure-in-linux-022-or-027	https://serverfault.com/questions/818783/which-umask-is-more-secure-in-linux-022-or-027
https://www.cyberciti.biz/tips/understanding-linux-unix-umask-value-usage.html	https://www.cyberciti.biz/tips/understanding-linux-unix-umask-value-usage.html
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-29
For the lazy	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
For the lazy	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
For the lazy	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#orphaned-software
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-30
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#notes-16
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#debian-based-systems-1
deborphan	http://freshmeat.sourceforge.net/projects/deborphan/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-not-6
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-30
Assuming you want to remove all of the packages deborphan finds	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#orphaned-software-why-not
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#the-miscellaneous
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#the-simple-way-with-msmtp
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-31
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#gmail-and-exim4-as-mta-with-implicit-tls
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-32
previous version of this guide	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/tree/cc5edcae1cf846dd250e76b121e721d836481d2f#configure-gmail-as-mta
issue #29	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/issues/29
here	https://blog.dhampir.no/content/exim4-line-length-in-debian-stretch-mail-delivery-failed-returning-message-to-sender
#106	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/issues/106
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#goals-28
Gmail	https://mail.google.com/
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-28
remyabel	https://github.com/remyabel
issue #24	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/issues/24
pull request #26	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/pull/26
https://wiki.debian.org/Exim	https://wiki.debian.org/Exim
https://wiki.debian.org/GmailAndExim4	https://wiki.debian.org/GmailAndExim4
https://www.exim.org/exim-html-current/doc/html/spec_html/ch-encrypted_smtp_connections_using_tlsssl.html	https://www.exim.org/exim-html-current/doc/html/spec_html/ch-encrypted_smtp_connections_using_tlsssl.html
https://php.quicoto.com/setup-exim4-to-use-gmail-in-ubuntu/	https://php.quicoto.com/setup-exim4-to-use-gmail-in-ubuntu/
https://www.fastmail.com/help/technical/ssltlsstarttls.html	https://www.fastmail.com/help/technical/ssltlsstarttls.html
issue #29	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/issues/29
https://blog.dhampir.no/content/exim4-line-length-in-debian-stretch-mail-delivery-failed-returning-message-to-sender	https://blog.dhampir.no/content/exim4-line-length-in-debian-stretch-mail-delivery-failed-returning-message-to-sender
imthenachoman#106	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/issues/106
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-31
Let's Encrypt	https://letsencrypt.org/
fix exim4's long lines issue	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/issues/29
For the lazy	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
For the lazy	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
For the lazy	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
UFW	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#ufw-uncomplicated-firewall
For the lazy	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#separate-iptables-log-file
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#why-33
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#references-29
https://blog.shadypixel.com/log-iptables-messages-to-a-separate-file-with-rsyslog/	https://blog.shadypixel.com/log-iptables-messages-to-a-separate-file-with-rsyslog/
https://gist.github.com/netson/c45b2dc4e835761fbccc	https://gist.github.com/netson/c45b2dc4e835761fbccc
https://www.rsyslog.com/doc/v8-stable/configuration/actions.html	https://www.rsyslog.com/doc/v8-stable/configuration/actions.html
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#steps-32
step 4 of installing psad	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#psad_step4
"to omit syncing the file after every logging"	https://www.rsyslog.com/doc/v8-stable/configuration/actions.html#regular-file
For the lazy	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
For the lazy	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
For the lazy	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#editing-configuration-files---for-the-lazy
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#left-over
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#contacting-me
new issue	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/issues/new
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#helpful-links
https://github.com/pratiktri/server_init_harden	https://github.com/pratiktri/server_init_harden
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#acknowledgments
https://www.reddit.com/r/linuxquestions/comments/aopzl7/new_guide_created_by_me_how_to_secure_a_linux/	https://www.reddit.com/r/linuxquestions/comments/aopzl7/new_guide_created_by_me_how_to_secure_a_linux/
https://www.reddit.com/r/selfhosted/comments/aoxd4l/new_guide_created_by_me_how_to_secure_a_linux/	https://www.reddit.com/r/selfhosted/comments/aoxd4l/new_guide_created_by_me_how_to_secure_a_linux/
https://news.ycombinator.com/item?id=19177435#19178618	https://news.ycombinator.com/item?id=19177435#19178618
https://www.reddit.com/r/linuxadmin/comments/arx7xo/howtosecurealinuxserver_an_evolving_howto_guide/	https://www.reddit.com/r/linuxadmin/comments/arx7xo/howtosecurealinuxserver_an_evolving_howto_guide/
https://www.reddit.com/r/linux/comments/arx7st/howtosecurealinuxserver_an_evolving_howto_guide/	https://www.reddit.com/r/linux/comments/arx7st/howtosecurealinuxserver_an_evolving_howto_guide/
https://github.com/moltenbit/How-To-Secure-A-Linux-Server-With-Ansible	https://github.com/moltenbit/How-To-Secure-A-Linux-Server-With-Ansible
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#license-and-copyright
	http://creativecommons.org/licenses/by-sa/4.0/
How To Secure A Linux Server	https://github.com/imthenachoman/How-To-Secure-A-Linux-Server
Anchal Nigam	https://github.com/imthenachoman
Creative Commons Attribution-ShareAlike 4.0 International License	http://creativecommons.org/licenses/by-sa/4.0
LICENSE	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/blob/master/LICENSE.txt
Table of Contents	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#table-of-contents
Readme	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#readme-ov-file
CC-BY-SA-4.0 license	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server#CC-BY-SA-4.0-1-ov-file
Please reload this page	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server
Activity	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/activity
1 star	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/stargazers
0 watching	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/watchers
0 forks	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/forks
Report repository	https://patch-diff.githubusercontent.com/contact/report-content?content_url=https%3A%2F%2Fgithub.com%2Fobjects%2FHow-To-Secure-A-Linux-Server&report=objects+%28user%29
Releases	https://patch-diff.githubusercontent.com/objects/How-To-Secure-A-Linux-Server/releases
Packages 0	https://patch-diff.githubusercontent.com/users/objects/packages?repo_name=How-To-Secure-A-Linux-Server
	https://github.com
Terms	https://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacy	https://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Security	https://github.com/security
Status	https://www.githubstatus.com/
Community	https://github.community/
Docs	https://docs.github.com/
Contact	https://support.github.com?tags=dotcom-footer

Viewport: width=device-width

URLs of crawlers that visited me.