This is part one of the three part tutorial on securing your CentOS server.
1. Bruteforce and DoS Attack Prevention
2. IP Tables Firewall
3. SSH Hardening
Our first step in increasing our security is preventing bruteforce attacks.
First we must install Fail2ban. This bans users that attempt to login to your server without success.
First we must install the Epel Repository
1. rpm -ivh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-7.noarch.rpm
2. rpm -import https://fedoraproject.org/static/0608B895.txt
3. yum install fail2ban
Now we have to edit the configuration file to our needs.
1. vim /etc/fail2ban/jail.conf
ignoreip = 127.0.0.1
bantime = 240
findtime = 240
maxretry = 10
A host will become banned if they reach the "maxretry variable in the fidntime variable. Bantime is the amount of seconds they are banned for.
Now we must start fail2ban
1. service fail2ban start
Now that we have a nice prevention system against basic brute force methods, we are going to block basic DoS attacks.
For this section, we will be using DDoS Deflate.
1. wget http://www.inetbase.com/scripts/ddos/install.sh
2. chmod 0700 install.sh
3. chmod 0700 install.sh
4. ./install.sh
That is it! You are now protected from basic DoS attacks!
