BoA
12-21-2003, 03:54 AM
What steps should I take to secure my server (besides not allowing SSH) ?
 | View Full Version : Steps to secure my server thedavid 12-21-2003, 03:56 AM Did you check this thread out that I sent ya earlier?: http://www.webhostingtalk.com/showthread.php?s=&threadid=184089 It's a good start.. -David Steven 12-21-2003, 05:51 AM pay someone to do it... nogi 12-21-2003, 10:32 AM www.admin0.info ;) John dynamicnet 12-21-2003, 10:42 AM Greetings: For RedHatLinux: * Disable telnet. * Limit SSH access to specific IP addresses. * Disable direct root login. * Remove unnecessary packages / software. * Harden the kernel against synflood and basic DOS attacks. * Remove common user access to compilers and fetching software (wget, fetch, lynx, etc.). * Ensure /tmp is in its own partition with noexec, nosuid. * Ensure kernel and software is up to date. * Remove unnecessary users and groups. * Install chkrootkit, logwatch, tripwire. * Install a firewall, and port scan detector. * For Apache servers, install mod_security and configure for use with FrontPage, PHPMyAdmin, Site Studio, and other H-Sphere applications. * Secure DNS Servers Also, consider firewalls which allow scripting extensions to handle minimizing brute force FTP, mail bomb attacks, etc. Thank you. supportadmin 12-21-2003, 11:29 AM Hello A quick wit: AFP firewalls always come handy. Cheer Supportadmin vince2874 12-21-2003, 11:45 AM This thread is very useful http://forums.ev1servers.net/showthread.php?threadid=30333&highlight=security+checklist |