Best practices for hardening and auditing your server (not beginner-friendly)
1. Update and upgrade your Linux packages
$ sudo apt-get update
$ sudo apt-get upgrade
2. Install the rkhunter tool to check for rootkits on the Linux server
$ sudo apt install rkhunter -y
3. Run rkhunter to check for rootkit traces
$ rkhunter --check
4. Install Lynis
$ apt-get install lynis
5. Run a basic audit scan
$ lynis audit system
6. Review all the reports and make changes where required
7. Download, install and update the maldet malware detection program
$ git clone https://github.com/rfxn/linux-malware-detect.git
$ cd linux-malware-detect/
$ ./install.sh
$ maldet -d && maldet -u
8. Run a maldet scan to check for malware on the system
$ maldet -a /
9. Check the report for further action
10. Check the SSH config file in
$ nano /etc/ssh/sshd_config
11. Change the port from 22 to 8022, and make sure your firewall allows port 8022
12. Create a user with sudo access
$ useradd -m username -s /bin/bash
$ usermod -aG sudo username
13. Add an SSH key to the server for access
$ mkdir /home/username/.ssh && touch /home/username/.ssh/authorized_keys
$ nano /home/username/.ssh/authorized_keys
## put your SSH public key there
14. Set proper permissions on the .ssh folder
$ chmod 700 /home/username/.ssh && chmod 600 /home/username/.ssh/authorized_keys
$ chown -R username:username /home/username/.ssh/
15. Set a password for the new user
$ passwd username
16. Disable root login and password-based authentication (test the new user's key-based login before making this change)
$ nano /etc/ssh/sshd_config
17. Restart the SSH service for the changes to take effect
$ service ssh restart
18. Check the open ports on the server and close any that are unnecessary.
$ sudo netstat -tulpn
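
A way to verify the sshd_config edits from steps 11 and 16 before restarting SSH in step 17, shown as an added example that is not part of the original guide. The function names and the sample file are hypothetical; the directives checked are the standard OpenSSH keywords Port, PermitRootLogin and PasswordAuthentication, and only the global section of a single file is read.

```shell
#!/bin/sh
# Added example, not from the original guide. Function names are hypothetical.

# Print the values of keyword $2 in the global section of sshd_config file $1.
# mode "first": sshd keeps the first value it reads for most keywords.
# mode "all":   Port may repeat, and sshd listens on every port listed.
sshd_values() {
    awk -v key="$2" -v mode="$3" '
        NF == 0 || $1 ~ /^#/ { next }        # blank lines and comments
        tolower($1) == "match" { exit }      # a Match block ends the global section
        tolower($1) == tolower(key) {        # keywords are case-insensitive
            print tolower($2)
            if (mode == "first") exit
        }
    ' "$1"
}

# Return 0 if file $1 matches steps 11 and 16, else print findings and return 1.
audit_sshd_config() {
    cfg=$1; rc=0
    ports=$(sshd_values "$cfg" Port all | sort -u | paste -sd, -)
    root=$(sshd_values "$cfg" PermitRootLogin first)
    pass=$(sshd_values "$cfg" PasswordAuthentication first)
    # Keywords that are not set fall back to the OpenSSH defaults.
    ports=${ports:-22}; root=${root:-prohibit-password}; pass=${pass:-yes}
    [ "$ports" = 8022 ] || { echo "FAIL Port: $ports (want only 8022)"; rc=1; }
    [ "$root" = no ] || { echo "FAIL PermitRootLogin: $root (want no)"; rc=1; }
    [ "$pass" = no ] || { echo "FAIL PasswordAuthentication: $pass (want no)"; rc=1; }
    return "$rc"
}

# Constructed sample: the old "Port 22" line was left in place, the
# PermitRootLogin line is still commented out, and the "no" was appended
# below an existing "yes", so sshd never uses it.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Port 22
Port 8022
#PermitRootLogin no
PasswordAuthentication yes
PasswordAuthentication no
EOF
audit_sshd_config "$sample" || echo "sample config does not match the guide"
rm -f "$sample"
```

On a live server, `sshd -T` prints the effective configuration, including Include files and Match blocks that this file-only check does not follow.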