Some people say that the only secure machine is one that is switched off. This may be true, but that machine is not very useful. If you want to make your server more functional, you'll have to turn it on and most likely expose it to the curious eyes of the Internet.

Online computer security is a topic large enough to deserve its own book. In fact, a whole shelf of such books is readily available. In this chapter, we will learn basic techniques, which will allow you to secure your server before putting it up online. If your server is exposed to the Internet, it will be a good idea to follow up by doing more in-depth security research and monitor what's happening to your machine on a day-to-day basis. Because this is a book on Webmin, we will only address topics in which Webmin can assist you.

This chapter is divided into three parts:

Linux systems have a firewall software built right into the kernel. This packet-filtering framework is called netfilter (since Linux 2.4). It is controlled by a tool called iptables, which instructs the kernel what to do with incoming and outgoing network packets.

In this recipe, we will begin with an empty iptables configuration (firewall disabled) and configure it to drop any incoming packets except those we specifically allow. Before we set up a firewall, we should review some basic concepts related to network communication and the organization of iptables.

The following are some basic packet-filtering concepts:

Once your firewall is set up, all unauthorized traffic coming into your server will be dropped. If you decide to add a service to your server, you'll need to add another firewall rule to allow the incoming traffic to reach the service. Otherwise, external users will not be able to access the new service. In fact, they will not even be able to see that the service is running and their connections will simply time out.

After your firewall is configured, you may wish to check that you haven't unintentionally left any unnecessary open doors. A good way to do this is to initiate a scan from another machine that will tell you what open ports it discovered on your server. Only ports associated with services that you want to make publicly accessible should be found.

The best way to avoid potential security issues with services you're not actively using is to disable them. This recipe will list the steps to identify the running system services that have open network ports and disable them.

If you allow administrative users to log into your system using their username and password, your system is only as secure as the passwords used by those users. It's a good idea to periodically attempt to crack all the passwords on your system. If you find passwords that are easy to guess or crack through brute force, you should ask users to change them.

Allowing the root user to log in over SSH is a potential security vulnerability. An attacker may try to break into your system by trying every password for the root user. It's recommended to disallow the root user's access over SSH and to log in as another user with the sudo privileges to perform administrative tasks.

The firewall is your first line of defense, but you should take additional precautions while running Webmin on an Internet-connected server. Webmin allows you to restrict access to a list of specific IP addresses and networks. It's a good idea to protect Webmin this way; otherwise, an attacker can try to guess your password and take over your system.

In this recipe, we will configure Webmin to accept connections only from your IP address.

If your server is connected to the Internet and you use SSH to connect to it, you can secure it by disallowing Webmin from accepting any remote connections. You can then use an SSH tunnel to connect to Webmin. This lowers the potential attack surface of your machine and protects you against possible security vulnerabilities in Webmin itself. Any attacker would have to break into your SSH account or otherwise gain local access to your system to connect to Webmin.

Webmin's login sessions are not set to expire by default. This causes a potential security risk. If a user leaves his or her computer unattended while logged into Webmin, an attacker could potentially use the situation to harm your system or disable its security. Fortunately, this situation is easily remedied by changing a Webmin setting.

logouttime=10