NethServer Version: 7.9.2009
Hi,
I’ve been trying to read up on Fail2ban, Threat Shield, Suricata.
But, as they say, I can’t see the wood for the trees.
What is applicable/best practice for a Nethserver with NextCloud (calendar, contacts, file sharing), matrix and jitsi?
The 2 main users will mostly work from 2 different locations, but sometimes are elsewhere. But Matrix/Jitsi will be used to communicate with clients as well.
Any advice on this is highly appreciated.
Groeten,
René
EDIT:
Also increase your space and keep a frequent backup policy. This is most helpful on an eventual aftermath, in case you can pinpoint when a bad dude broke into your installation. This will ease a lot of job of configuration, “only” to restore manually the missing data thereafter.
Yes, in my notes I put a reminder to ask about that. I set up the network using the wiki.
I know I read somewhere to disable all services that are not needed (but can’t find it anymore) and I don’t know what services I can safely disable. In my VM the following services are active:
| name | Access |
|---|---|
| chronyd | green |
| dnsmasq | green |
| httpd | green red |
| httpd-admin | green red |
| jitsi(custom | green red |
| sshd | green red |
| synapse(custom) | red green |
Are these all needed?
I’ll make sure to use Fail2ban! And put the other two on my list of things to maybe test out sometimes in the future 
Ah, some more reading to do 
Will do 
Thanks!
Yes! Thank you!
Backup is high on the list of must haves. And I already read about the necessity to have a recent backup of the configuration
I also posted a question about backup options a week ago. Have you got any ideas about that?
A habit of me is not to permit root login on ssh at all.
Rather a user (can be user from the account provider) with sudo rights.
And only log in with a ssh-key with the (local) private-key password protected/encrypted.
Maybe a bit over cautious. 
