Linux EC2 Instance Security Consideration
Solution 1:
For me that would be:
- keep up to date with patches on your distribution
- run only the services needed on the interfaces needed (
netstat -l -n -p
will show what process is listening on what port on which interface) eg run mysql only on localhost - Secure remote login
- no root access
- ssh keys for login only
- sudo to escalate privileges
- intrusion detection (rkhunter or tripwire)
- maybe suphp but I have no experiance with that
- reliable, offsite backup with history (dirvish for me)
- configure EC2 Portforwarding only for the services needed
Solution 2:
Ensure that your protect your private keys and you should use the Security Group feature in AWS to ensure that your ports are secure (eg, allow SSH and FTP from your home or office only while allowing HTTP/S from all IPs).