Use a strong password: Choose a unique and complex password for the root user account. Avoid using easily guessable words or phrases, such as “password” or “admin”. Instead, use a combination of uppercase and lowercase letters, numbers, and special characters.
2. Disable unnecessary services: Kali Linux comes with many pre-installed tools and utilities that can be used for various purposes. However, not all of them are necessary for server operations. To reduce the attack surface, disable any unused or unneeded services using the “systemctl” command. For example, to stop the Apache web server:
# This script stops the Apache web server using the "systemctl" command with root privileges.
# Use "sudo" to run the command with root privileges.
sudo systemctl stop apache2
# "systemctl" is a command used to manage system services.
# "stop" is an option used to stop a service.
# "apache2" is the name of the Apache web server service.
3. Configure firewall rules: Use a firewall tool such as UFW (Uncomplicated Firewall) or iptables to restrict incoming and outgoing traffic based on specific criteria, such as source IP address, destination port number, or protocol type. This can help prevent unauthorized access to your server and protect against common attacks like DDoS (Distributed Denial of Service).
4. Limit SSH connections: By default, Kali Linux allows anyone with a valid SSH key to connect to the system using any username. To restrict access to specific users or IP addresses, edit the “sshd_config” file and add the following lines:
# This script is used to limit SSH connections on a Kali Linux system by restricting access to specific users or IP addresses.
# The "Match Address" command specifies the IP address range that will be affected by the following configurations.
# In this case, it is set to 192.168.0.0/24, which means all IP addresses within the range of 192.168.0.1 to 192.168.0.255 will be affected.
# The "ChallengeResponseAuthentication" command is set to "no" to disable the use of challenge-response authentication, which is a less secure method of authentication.
# The "PermitRootLogin" command is set to "yes" to allow root login, which is not recommended for security reasons. It should be set to "no" to prevent unauthorized access.
# The "AllowUsers" command specifies the users who are allowed to connect to the system via SSH. In this case, only the users "john" and "doe" are allowed.
# The "DenyUsers" command specifies the users who are not allowed to connect to the system via SSH. In this case, the wildcard "*" is used to deny access to all users not specified in the "AllowUsers" command. This ensures that only the specified users are allowed to connect.
In this example, only users with the “john” or “doe” username can connect from the 192.168.0.0/24 network range. Root login is allowed but requires a password instead of SSH keys. All other users are denied access.
5. Monitor system logs: Use tools like syslog-ng, rsyslog or logrotate to collect and analyze system logs for suspicious activity. This can help you detect potential security breaches early on and take appropriate action before they escalate into full-blown attacks.
6. Keep software up-to-date: Regularly update your Kali Linux installation with the latest patches, fixes, and security updates to ensure that all known vulnerabilities are addressed. This can help prevent exploitation by attackers who may be targeting outdated or unpatched systems.
7. Backup important data: Create regular backups of critical system files and configurations using tools like rsync, tar, or duplicity. Store the backup data on a separate server or cloud storage service to ensure that it is not lost in case of hardware failure or other catastrophic events.
8. Test your security measures: Use penetration testing tools such as Nmap, Metasploit, or Kali Linux itself to simulate real-world attacks and test the effectiveness of your security measures. This can help you identify potential weaknesses in your system and take corrective action before they are exploited by attackers.
By following these best practices for server security and network configuration, you can significantly reduce the risk of a successful cyberattack on your Kali Linux installation running on public servers. Remember to always stay vigilant and keep up-to-date with the latest threats and vulnerabilities in order to maintain a secure and reliable system over time.