Differences

This shows you the differences between two versions of the page.

--- part_1 [2025/02/28 23:40] – wizardadmin
+++ part_1 [2025/03/01 20:01] (current) – wizardadmin
@@ Line 1: / Line 1: @@
 ====== Docker Project Part 1 ======
 {{:lock.jpeg?400|}}
+{{:finished_diagram.png?800|}}
+This is a diagram of what i have in mind to secure this webserver.
 To start this project off we are going to need a dedicated server. So i built one to fit inside a 1u case, once that was complete i flashed my favorite Linus Distro (Debian) onto a flash drive and plugged it in and booted from it. Installed a graphical version of Debian in case i needed to do anything in the GUI environment but ironically so far i haven't touched the GUI at all and have been able to do everything via a SSH bash environment. We are also going to need to harden this server and lock it down. I hardened my SSH connections to this server by these precautions:
 . Disable logging in as root
-. Configure SSH to use a random port and not serve over port 22
+. Configure SSH to use a random port and not connect over port 22
 . Lockdown logins by forcing logins with a public/private keypair instead of passwords, and disable password logins completely.
 After hardening SSH i decided to do a few basic linux configurations to harden the server further.
+These i will not discuss but am happy to discuss in a professional environment (Job interview, job meetings)
+After hardening the Debian server as much as i knew, i moved onto the next steps in terms of security. A firewall! See:[[opnsenseconfiguration|]] to see the basic configuration that i setup.
-Disable icmp replies to any icmp echo requests to the server
+I went with a OPNSense firewall that again i hand built to fit into a 2u server chassis. Loaded OPNsense onto and got to work. My idea for this was that i would take advantage of OPNsense's Firewall and routing capabilities to combine it into a router/firewall.