Securing Ubuntu (22.04 LTS)

Follow these steps to secure Ubuntu:

  • Restrict SU Access:

    1. Log in to the Ubuntu 22.04 server using a non-root account.

    2. The su command switches to another user and grants the privileges of that user. To create a new admin group on the server and limit su to its members, use the following commands:

      sudo groupadd admin
      sudo usermod -a -G admin jack
      sudo dpkg-statoverride --update --add root admin 4750 /bin/su

      If you log in to your Ubuntu server as the user jack and attempt to use the su command to switch to another user, it is allowed because jack is a member of admin. Other users are denied access to the su command.

  • Use an authentication key pair to log in to your server:

    1. By default, you log into the system through SSH with a username and a password.

      Using a private/public key pair is considered safe because the keys are tough to guess. You can generate the authentication keys with an application such as PuTTY Key Generator.

    2. Upload the public key to the following file on your Ubuntu server:

      <username>/.ssh/authorized_keys

  • Shared memory can be used in an attack against a running service. To secure it, perform the following steps:

    1. Edit the /etc/fstab file.

    2. Add the following line:

      tmpfs /run/shm tmpfs defaults,noexec,nosuid 0 0

    3. Save the file and reboot the system.

  • Implement the default Ubuntu firewall using iptables by performing the following steps:

    1. Use a whitelisting approach.

    2. Change the default policy to deny/drop.

    3. Set auditing to ON.
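
As an added example (not part of the original page), the following shell helpers audit two of the steps above: that the /run/shm tmpfs entry in an fstab file really carries both noexec and nosuid, and that su has the 4750 root:admin override. The function names and the sample fstab are constructed for illustration; check_su_mode assumes GNU stat.

```shell
#!/bin/sh
# Added example: audit helpers for the su and shared-memory steps above.

# has_opt OPTS NAME: succeed if comma-separated OPTS contains NAME exactly.
has_opt() {
    case ",$1," in *",$2,"*) return 0 ;; esac
    return 1
}

# check_shm_fstab FILE [MOUNTPOINT]
# Returns 0 if every tmpfs entry for MOUNTPOINT carries noexec and nosuid,
# 1 if an entry exists but lacks one of them, 2 if there is no entry.
check_shm_fstab() {
    mnt=${2:-/run/shm}
    result=2
    # The "|| [ -n ... ]" keeps a final line that has no trailing newline.
    while read -r dev mp fstype opts _rest || [ -n "$dev" ]; do
        case "$dev" in ''|'#'*) continue ;; esac      # blank line or comment
        [ "$mp" = "$mnt" ] && [ "$fstype" = tmpfs ] || continue
        if has_opt "$opts" noexec && has_opt "$opts" nosuid; then
            [ "$result" -eq 1 ] || result=0
        else
            result=1
        fi
    done < "$1"
    return "$result"
}

# check_su_mode [PATH] [GROUP]
# Succeeds only if PATH is mode 4750 and owned by root:GROUP, which is what
# the dpkg-statoverride command above sets. Uses GNU stat (coreutils).
check_su_mode() {
    [ "$(stat -c '%a %U %G' "${1:-/bin/su}" 2>/dev/null)" = "4750 root ${2:-admin}" ]
}

# Constructed sample fstab: the commented-out line must not count.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# <file system> <mount point> <type> <options> <dump> <pass>
UUID=0000-CONSTRUCTED / ext4 errors=remount-ro 0 1
#tmpfs /run/shm tmpfs defaults,noexec,nosuid 0 0
tmpfs /run/shm tmpfs defaults,nosuid 0 0
EOF
rc=0; check_shm_fstab "$sample" || rc=$?
echo "sample fstab: status $rc (0 ok, 1 weak options, 2 no entry)"
rm -f "$sample"
```

On a real server, run check_shm_fstab /etc/fstab and check_su_mode with no arguments; the mount options only take effect after the reboot in step 3.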