Here is what I have put together so far:
Adding as I find answers. Any fill-in-the-blanks experts out there?
Security Steps for Hardening your Vicidial Installation on Ubuntu
Change SSH Port to something else
$ nano /etc/ssh/sshd_config
Change the Port Number from 22 to something else that is not being used (Example 578)
Press Ctrl + X and then Y to save
$ /etc/init.d/ssh reload
Log in to PuTTY using your new port
To make sure your new port is working before you delete port 22:
(Note: If you are remoting in: add a new port first, run /etc/init.d/ssh reload, log in to PuTTY using the new port, delete port 22, save following the instructions above, then run /etc/init.d/ssh reload again.)
Disable Direct Root Access
Note: Make sure you have a user set up that has root access before performing this step.
To set up a new user, log in as the root user and issue the following command:
$ adduser --ingroup groupname username
The adduser command will create a new user and the ingroup directive tells the command to create a user in a particular group. You will need to replace the groupname with the group you want the user to be in (by default use “users”), and username with the name for your new user.
Once you have created the new user you will need to grant it root privileges, to do that you will need to open the sudoers file by issuing the visudo command. Add the new user you created by adding this line to the sudo file.
Tip: Sudo in Linux also means “super user do”.
username ALL=(ALL) ALL
Replace username with the user you created earlier. Once you have done that, open a new terminal window and log in with the new user. Once you have logged in, issue the command “sudo su”; this will allow you to sudo into the system as a super user. You will be prompted for a password; enter the same password you use for the user you logged in with. If everything goes fine, you will become the root user.
Important Note: If you are not able to sudo su into the system, please follow the earlier steps to modify the user to become a super user. Unless you are sure you are able to sudo su into the system, DO NOT follow the steps below, you could practically screw up your system.
Once you are sure that you can access the system as root, you can now safely disable direct root login access to your system by following the steps below.
While you are logged in as root, open the file:
$ nano /etc/ssh/sshd_config
In the open file, search for the text PermitRootLogin, you should see “yes” as the value, change it to “no” and save the file.
Once you have done that issue the command;
$ /etc/init.d/ssh reload
This should reload the SSH configuration for your system, now before you close the root session, open a new terminal to confirm that root access has been disabled.
Install Fail2Ban
References:
http://www.fail2ban.org/wiki/index.php/Main_Page
http://setdosa.blogspot.com/2008/11/fai ... hardy.html
http://ubuntuforums.org/showthread.php?t=486890
$ sudo apt-get install fail2ban
Copy the file /etc/fail2ban/jail.conf to /etc/fail2ban/jail.local
$ cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
For editing, use this command (for tips, refer to http://setdosa.blogspot.com/2008/11/fai ... hardy.html):
$ nano /etc/fail2ban/jail.local
After Editing Restart
$ sudo /etc/init.d/fail2ban restart
Open File
$ nano /etc/fail2ban/filter.d/proftpd.conf
Replace the Following:
failregex = \(\S+\[<HOST>\]\)[: -]+ USER \S+: no such user found from \S+ \[[0-9.]+\] to \S+:\S+$
            \(\S+\[<HOST>\]\)[: -]+ USER \S+ \(Login failed\): Incorrect password\.$
            \(\S+\[<HOST>\]\)[: -]+ SECURITY VIOLATION: \S+ login attempted\.$
With:
failregex = \(\S+\[<HOST>\]\)[: -]+ USER \S+: no such user found from \S+ \[[0-9.]+\] to \S+:\S+$
            \(\S+\[<HOST>\]\)[: -]+ USER \S+ \(Login failed\): Incorrect password\.$
            \(\S+\[<HOST>\]\)[: -]+ SECURITY VIOLATION: \S+ login attempted\.$
            \(\S+\[<HOST>\]\)[: -]+ Maximum login attempts \(\d+\) exceeded$
            USER \S+: no such user found from \S* ?\[<HOST>\] to \S+\s*$
Exit and save
Change the symbolic link for sh from dash to bash
$ sudo ln -sf /bin/bash /bin/sh
In Vicidial Admin
Set Strong Passwords for Both User and Phone Logins in Vicidial
For UFW
For IP Tables
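
Added example (not part of the original post): a check of the proftpd failregex change from the Fail2Ban section, comparing the original three patterns with the extended five on a few log lines. The log lines are constructed, the HOST pattern is a simplified stand-in for fail2ban's <HOST> tag, and the function names are hypothetical.

```python
import re

# Assumption: simplified stand-in for fail2ban's <HOST> tag expansion.
HOST = r"(?:::f{4,6}:)?(?P<host>[\w\-.^_]+)"

# The three patterns the post replaces, copied from the filter.
OLD = [
    r"\(\S+\[<HOST>\]\)[: -]+ USER \S+: no such user found from \S+ \[[0-9.]+\] to \S+:\S+$",
    r"\(\S+\[<HOST>\]\)[: -]+ USER \S+ \(Login failed\): Incorrect password\.$",
    r"\(\S+\[<HOST>\]\)[: -]+ SECURITY VIOLATION: \S+ login attempted\.$",
]
# The replacement set: the same three plus the two added lines.
NEW = OLD + [
    r"\(\S+\[<HOST>\]\)[: -]+ Maximum login attempts \(\d+\) exceeded$",
    r"USER \S+: no such user found from \S* ?\[<HOST>\] to \S+\s*$",
]

# Constructed proftpd-style log lines (documentation address ranges).
PFX = "Nov 12 10:00:01 pbx proftpd[2101]: pbx "
SAMPLE = [
    PFX + "(203.0.113.5[203.0.113.5]) - USER admin: no such user found "
          "from 203.0.113.5 [203.0.113.5] to 192.0.2.10:21",
    PFX + "(198.51.100.9[198.51.100.9]) - USER root (Login failed): Incorrect password.",
    PFX + "(198.51.100.9[198.51.100.9]) - Maximum login attempts (3) exceeded",
    # Same as the first kind of line, but with trailing whitespace.
    PFX + "(203.0.113.77[203.0.113.77]) - USER test: no such user found "
          "from 203.0.113.77 [203.0.113.77] to 192.0.2.10:21 ",
    PFX + "(192.0.2.50[192.0.2.50]) - USER agent1: Login successful.",
]

def compile_set(patterns):
    """Substitute the <HOST> tag and compile each failregex."""
    return [re.compile(p.replace("<HOST>", HOST)) for p in patterns]

def offending_host(line, compiled):
    """Return the host captured by the first matching pattern, else None."""
    for rx in compiled:
        m = rx.search(line)
        if m:
            return m.group("host")
    return None

def compare(lines=SAMPLE):
    """Per line: (host found by the old set, host found by the new set)."""
    old, new = compile_set(OLD), compile_set(NEW)
    return [(offending_host(l, old), offending_host(l, new)) for l in lines]

if __name__ == "__main__":
    for line, (o, n) in zip(SAMPLE, compare()):
        print(f"old={o!s:<14} new={n!s:<14} {line[len(PFX):]!r}")
```

On the real server, fail2ban-regex run against the actual log file and filter remains the authoritative test; this only exercises the regular expressions themselves.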