Linux server Hardening
Linux Server Hardening steps:
1. Setting message of the day, banner /etc/motd
2. Creating Admin service accounts
3. Setting Password ageing policy via /etc/login.defs
echo "PASS_MAX_DAYS 90" >> /etc/login.defs
echo "PASS_MIN_DAYS 1" >> /etc/login.defs
echo "PASS_MIN_LEN 8" >> /etc/login.defs
echo "PASS_WARN_AGE 14" >> /etc/login.defs
4. Enforcing stronger passwords: /etc/pam.d/system-auth
echo $test minlen=8 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1 difok=3 >> /etc/pam.d/system-auth
maximum credit for lower-case, upper-case, numeric (digit), and non-alphanumeric (other) characters, respectively
5. setting root password and disabling direct login of root
chage -M 99999 root
echo "PermitRootLogin no" >> /etc/ssh/sshd_config
6. Changing Run-level from 5 to 3