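# Flush existing rules
iptables -F
# Set the default policy of the INPUT chain to DROP. The policy applies to all
# interfaces, not only eth0 (eth0 is assumed to be the Ethernet port), so
# loopback traffic is dropped too unless a rule allows it.
iptables -P INPUT DROP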
# Allow existing connections to continue
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
# Accept everything from the 192.168.0.x network
iptables -A INPUT -i eth0 -s 192.168.0.0/24 -j ACCEPT
# Allow connections from this host to 192.168.1.10
iptables -A OUTPUT -o eth0 -d 192.168.1.10 -j ACCEPT
Internet-connected Linux servers are always exposed to exploitation attempts by hackers/intruders. One of their common attacks is through SSH. By default, SSH servers are configured to listen on port 22 for SSH connections. Changing the port to something else adds an additional measure in securing the server.
How to Change Default SSH port 22 to something else:
- Connect to your server via SSH (your ssh port is still 22) as the root user.
- Run this command: # vi /etc/ssh/sshd_config
- Find this line: #Port 22
- Delete the hash “#” sign from the beginning of the line and change the port to something else. Note down this new port very carefully. You’ll need to use this port for the SSH connection from the next login.
- Save the file and exit.
- Restart the SSH service by executing this command: # service sshd restart
Now disconnect and try reconnecting with the new SSH port. Make sure you memorize the new port number or note it down somewhere.
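The edit in the steps above can also be scripted. The following is an added example, not part of the original article: a shell function (set_ssh_port, a hypothetical name) that validates the port, backs up the file and rewrites the Port line, shown here on a constructed sample file rather than /etc/ssh/sshd_config.

```shell
#!/bin/sh
# Added example, not from the original page. set_ssh_port is a hypothetical
# helper name and the sample config in demo() is constructed.

# Usage: set_ssh_port FILE PORT
# Returns 0 on success, 1 for an invalid port, 2 for a file error.
set_ssh_port() {
    cfg=$1
    port=$2
    [ -f "$cfg" ] || return 2
    case $port in
        '' | 0* | *[!0-9]*) return 1 ;;     # digits only, no leading zero
    esac
    [ "${#port}" -le 5 ] && [ "$port" -le 65535 ] || return 1
    cp -p "$cfg" "$cfg.bak" || return 2     # keep a copy to roll back to
    tmp=$(mktemp) || return 2
    if grep -Eiq '^[[:space:]]*#?[[:space:]]*port[[:space:]]+[0-9]+[[:space:]]*$' "$cfg"; then
        awk -v p="$port" '
            tolower($0) ~ /^[ \t]*#?[ \t]*port[ \t]+[0-9]+[ \t]*$/ {
                if (!done) { print "Port " p; done = 1 }   # first hit becomes the setting
                else if ($0 !~ /^[ \t]*#/) print "#" $0    # disable other active Port lines
                else print
                next
            }
            { print }
        ' "$cfg" > "$tmp"
    else
        # No Port line at all: add it at the top, ahead of any Match block.
        { printf 'Port %s\n' "$port"; cat "$cfg"; } > "$tmp"
    fi
    cat "$tmp" > "$cfg"                     # overwrite in place, keeping owner and mode
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Constructed sample: a commented default plus a stray active Port line.
demo() {
    f=$(mktemp)
    printf '%s\n' '#Port 22' 'PermitRootLogin no' 'Port 22' > "$f"
    set_ssh_port "$f" 2222 && cat "$f"
    rm -f "$f" "$f.bak"
}
demo
```

On a real server, run sshd -t after the edit to check the configuration before restarting the service, and keep the current session open until a login on the new port succeeds.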
You might need to wipe the history of commands you have executed on your Linux system for various reasons. Normally, when you are logged into the bash / SSH terminal, pressing the Up Arrow key shows previously executed commands. To completely delete the history, type the following commands:
# history -c
# history -w
Disable / Turn off Linux Firewall (Red hat/CentOS/Fedora Core)
Type the following two commands to save the iptables rules first and then stop the firewall (you must log in as the root user):
# /etc/init.d/iptables save
# /etc/init.d/iptables stop
Turn off firewall on boot
# chkconfig iptables off
Enable / Turn on Linux Firewall (Red hat/CentOS/Fedora Core)
Type the following command to turn on iptables firewall:
# /etc/init.d/iptables start
Turn on firewall on boot:
# chkconfig iptables on
Shared hosting accounts, virtual private servers and dedicated servers all come with an inode limit. Any file on your Unix (or Linux) system is considered an inode. For example, an email stored in the system is considered an inode. This way all the systems are restricted to a maximum number of inodes.
If you’d like to know the max allowed inodes and the usage – you need to ssh into your system (if you have SSH access) and run the following command:
This will display the amount of maximum, used and free inodes in different file systems for your unix account.
Log in to your Linux server using an SSH client (e.g., PuTTY).
Once you are connected to your server:
Use the following command to check the hard drive and partitions:
(without the “#”)
# df -h
It will show you output like this:
Filesystem      Size  Used Avail Use% Mounted on
/dev/simfs      489G   42G  447G   9% /
none            7.8G  4.0K  7.8G   1% /dev
none            7.8G     0  7.8G   0% /dev/shm
Sizes are shown in human-readable units; G means gigabytes.
If you’d like to see the usage volume of a particular partition (e.g., “/home”), use the following command:
(without the “#”)
# du -sh /home/
It will show you the usage in Gigabytes (or in Megabytes if usage is below 1 GB)
If you’d like to view the directory sizes in a particular partition (e.g., “/home”):
(without the “#”)
# du -sh /home/*
The above will show you the size of all the directories in that partition.