How to Harden the server configuration for securing Web server in linux with examples

Securing Linux Daemons with examples using linux commands

how to identify unnecessary daemons to secure linux server using linux Command

Reviewing the list of running daemons OR list all services:
display information for the specific service
To view the status of a specific service
display all servies that is not running in linux
list of all software package that is not running
list of all software package that is installed last 10 days and is not not running in linux
list of pakage that is installed in last 10 days
list of pakage that is installed in last 10 days using history
how to find particular software installed **
*how to find particular software running or not *
**identifying purpose of each daemons
manual page for specified daemons
disabling unnecessary daemons

How to Monitor daemon activity

Review log file(tail)
Monitor network traffic(tcpdump
Monitor system resources(top)

how to use Security Patches to seure linux server

update package list
installing security update
verify system upto date

Identifying unnecessary daemons is an important step in securing a Linux server. Daemons are background processes that run continuously and provide various services to the system or network. Here are some steps you can take to identify unnecessary daemons:

1.Review the list of running daemons: Review the list of running daemons on the server to identify any that are not necessary for the system or network.

2.Identify the purpose of each daemon: Identify the purpose of each daemon to determine if it is necessary for the system or network. This includes researching the daemon's function and reviewing documentation.

3.Disable unnecessary daemons: Disable any daemons that are not necessary for the system or network. This reduces the attack surface of the system and reduces the risk of vulnerabilities.

Here are some examples of how to identify unnecessary daemons using Linux commands:

Reviewing the list of running daemons OR display a list all services

systemctl list-units --type=service

systemctl list-units --type=service | grep sshd

display information for the sshd service only.

To view the status of a specific service, use the following command:

systemctl status <service_name>

systemctl status sshd

*display all servies that is not running in linux *

systemctl list-units --type=service --state=inactive

service --status-all | grep -E "\[ + \]"

list of all software package that is not running

dpkg -l | grep ^ii | awk '{print $2}' | xargs -I{} sh -c 'systemctl is-active --quiet {} || echo {}'

rpm -qa | xargs -I{} sh -c 'systemctl is-active --quiet {} || echo {}'

list of all software package that is installed last 10 days and is not not running in linux

dpkg -l | grep ^ii | awk '{print $2}' | xargs -I{} sh -c 'test $(find /var/lib/dpkg/info/{}.* -mtime -10 -print) && systemctl is-active --quiet {} || echo {}'

list of pakage that is installed in last 10 days

dpkg -l | grep '^ii' | awk '{print $2, $3, $4}' | grep -v $(date --date="10 days ago" +"%Y%m%d") 

list of pakage that is installed in last 10 days

sudo grep "install " /var/log/dpkg.log | awk '$1 >= "'$(date --date="10 days ago" +%Y-%m-%d)'" {print $4}' | sort -u

This command searches the /var/log/dpkg.log file for lines containing the word "install", and then filters the lines to only include those that are from the last 10 days. Finally, it extracts the package names from those lines and removes duplicates.

Note that this command requires sudo privileges to access the dpkg.log file.

history | awk '{print $2}' | sort | uniq -c | sort -rn | head -10

history | grep sudo

history | grep install

how to find particular software installed package running or not

dpkg -s apache2

To check whether the software package is running, you can use the ps command to list all currently running processes and search for the name of the software package. For example, to check whether the apache2 service is running, you can run the following

ps -ef | grep apache2

If the service is running, you will see output that includes information about the process, such as the process ID and the command that started the process. If the service is not running, you will not see any output.

Note that the exact name of the package and the corresponding service or process name may vary depending on the distribution and version of Linux you are using, as well as the particular software package you are looking for.

How to Monitor daemon activity

Monitoring daemon activity is an important part of securing a Linux system. Daemons are background processes that run continuously and provide various services to the system or network. By monitoring daemon activity, you can detect any signs of suspicious behavior and take action to prevent security threats. Here are some steps you can take to monitor daemon activity:

how to use Security Patches to seure linux server using linux Command

Keeping your Linux server up-to-date with security patches is an important step in securing your system. Security patches fix known vulnerabilities and improve the security of your system. Here are some steps you can take to use security patches to secure your Linux server:

These commands check for available updates, display information about available security updates, and install all available updates for Red Hat-based systems. You should run these commands to verify that the system is up-to-date and all security patches have been installed.

By following these steps and using the Linux commands provided, you can use security patches to secure your Linux server and reduce the risk of vulnerabilities.