Secure your Virtual Machines in the cloud by doing the following:
- Reduce your open ports to as few as possible.
- Do NOT allow any process serving as a TCP/IP listener to run as root.
- Change your SSH port from 22 to something other than 22.
- Change this every day if you are paranoid.
- Change this every hour if your are crazy paranoid.
- Use only Public Key Encryption for SSH access.
- Change your Public Keys every day if you are paranoid.
- Change your Public Keys every hour if you are crazy paranoid.
- Use only 2048 bit keys whether paranoid or not.
- Deny root level access for all users other than via the console and ensure the console requires physical access in a secure building.
- Deny root level access completely if paranoid.
- Encrypt your disks – this keeps those who may steal your VM Image from being able to use it.
Hackers will exploit those details you have neglected !!!
Leave too many ports open with root level access and YOU will be hacked !!!
Make things too convenient for your own use and YOU will be hacked !!!
Remain ignorant of how hackers work and YOU will be hacked !!!
Be lazy and stupid and YOU will be hacked !!!
