Home / server / Questions / 772296
Accepted
Peter David Carter
Asked: 2016-04-23 09:10:50 +0800 CST

openSUSE installs and VMs constantly being hacked and bricked

  • 772

Sorry if this is a total newbie question, but I'm doing frontend design work for a radical political organisation and ALL my installations of Linux, be they openSUSE, Ubuntu or Fedora keep getting bricked or just generally messed around with in the most annoying of ways.

I know there's probably a bazillion aspects to this question and I'm not a systems admin at all, but I just want to be able to help fix their frontend design work without dealing with hackers ALL the time.

So, are there any really basic precautions I should take to stop this sort of thing happening ALL the time? It's not like I'm even running an open server, and, apart from me not being able to connect to anyone via Skype without them being assaulted by static, Windows seems to manage to at least stay alive more than 10 minutes without going completely berserk and/or getting fubared.

So, my question is this: what are the MOST BASIC provisions to take when setting up a client to serve as a localhost server to stop people accessing it all over the place to stop me doing the political work I'm doing.

And if anyone talks about SSH keys or closing ports I will probably just keep screaming until everyone stops and goes away.

Thank you all very much!

group-policy security hacking port linux-networking

1 Answers

  1. Best Answer

    Have you considered the possibility that your local system is already infected and has a keylogger on it that records all your passwords etc.? Especially if your adversaries may be targeting you directly?

    I would suggest the following:

    1. Use a secure local system, for example a system booted from an officially purchased LiveCD (or just a friend you know has a secure system) to make sure it is not you who is infecting your servers
    2. Install the servers from a verified ISO image. You can download the image over HTTP, but checksums file should be over secure HTTPS to prevent tampering. Then check as instructed on the checksum site.
    3. Install ISO with "minimal" or "base system" only. Do not select any other services. Use strong passwords for root and user logins and write them down on paper (Use at least 12 characters, random alphanumeric and symbols).
    4. Update your system fully as described on the distribution help site. Also set up automatic updates, at least security updates as described by the distribution.
    5. Set up your SSH keys to use password-protected keyfiles. Save them locally onto a clean USB stick or burn them to a CD-ROM. Disable SSH password login on the server after everything works with the keyfile login. Optionally disable root login (only after you have created another user account with sudo rights and have tested SSH access).
    6. You may now install your services like HTTP or PHP. Do not read some random website that tells you to chmod 777 everything, but only the sites of the software projects themselves. Go from simple to difficult, start with one service and only do the next one if the first runs perfectly and securely.

    If you still get hacked, you should consider paying someone for a hosted service and only supply the content. This may also be an option if you think any of the above steps are tiresome, too long, too difficult or useless.

    • 3