Matt -Seeksadmin
08-09-2005, 08:45 AM
Hey guys, offering a free security audit for your servers this time around. My name is probably going to change from Matt-Seeksadmin to Matt-Rackpatrol, so bare with me. Also, my website shall be up and running in 2 weeks! Big plans ;). If you would like to view its temporary location it is available upon request. Also, if anyone wants testimonials, references and a resume from me then please contact me so I can send them to you.
Contact me for a free security audit on your server!
I will test your server for security faults, starting with nmap and nessus. Then I will check multiple points of security on your system. Detailed report at the end!
Advanced Security Plan
Disable Unused Services
Having more services on your server increases the security risk. Services like apmd, freeWnn and cups are unnecessary for production servers in most environments, disabling them allows for greater security and a more effective server.
Installation configuration of Iptables or APF
The installation and correct configuration of firewalls Is imperative to the security of servers. You can choose to use Iptables, which is pre-packaged with linux distributions, or use APF, a third party firewall. Both block all ports accept for ones being allowed.
Remove or restrict unneeded software
Software inactively taking up space on your server poses a big security risk as it can be activated and used against the server security. The unneeded software is also consuming valuable server resources that could be used for other things.
File Permissions and Ownership review
Having the wrong file permissions on crucial files presents a high security risk to your server. These files will be reviewed and checked to make sure the correct file permissions have been used.
Secure and verify the sticky bit for temp directories
Allowing non-authorised users to execute scripts on the server is a security risk. Securing the temporary directories will ensure that this does not happen.
Optional: Install and guide to using cryptographic file system
This allows you to encrypt vital and personal files, when you want to use it you input one command which unlocks the file, and another command to lock the file again. This will ask for passwords.
PAM installation and configuration
PAM is mainly an authentication module used to make sure that sessions, passwords, services, and user accounts don’t get out of hand. It can also be highly customised to provide custom functions such as per-user temporary directories.
Disable insecure protocols
Disable tools such as rsh, rcp, rlogin and telnet. These tools are just another open port for intruders to prey upon.
Mod Security installation and configuration
Mod_security provides elementary functionality against malicious attacks. It is an Instrusion detection and prevention system which will be yet another layer to the advanced security of your server. You can choose to have anything between aggressive rules to defensive and basic rules. Your choice!
Installation and configuration of SNORT
Snort is a network intrusion detection system used to analyse network traffic and report threats or violations on the network traffic.
Installation and configuration of Swatch
Swatch watches log files for any suspect activity, what it looks for is set by the administrator.
Patch Management
Network services, security updates and software patches will all be attended to, giving the most up to date system, providing the best security.
Installation and configuration of tripwire
Tripwire takes a snapshot of the system when it is clean, and then monitors changes at a certain interval. If a change has been detected then the admin or authorised user is notified. Note: Only on new systems.
Limit compiler and fetch utilities
Limiting the compiling utilities will stop malicious users from building their scripts on your server. Limiting fetch utilities will stop the user from fetching scripts from other servers. The utilities include gcc, rcp, wget, get, other dl utilities.
Host.conf and sysctl hardening
Basic DDOS protection against ‘kiddie’ hackers.
Nmap and Nessus testing
Nmap and Nessus will test the server for any open ports and then will try and gain access. This will inform both the user and the admin if securing is successful.
You can also select other services you want installed to help your security, including BFD, SIM, chkrootkit, mod_dosevasive, rkhunter, there are plenty more out there. You can also choose not to have some of these installed, as some do use resources.
Price - $65
- Simple Security Plan $30
- Server security assessment and report
- Logwatch installation and configuration
Logwatch watches the server activity and sends reports based on these.
-Host.conf & sysctl hardening
Spoof and DOS protection
-Secure temporary directories, using noexec and nosuid.
This prevents many hacking scripts from being executed
-BFD Installation
Checks for brute force hacking attempts against your server, when detected it will automatically add them to a blocked IP list within APF
-System Integrity monitor
Watches services, if down automatically restarts. Also watches the load and if it is too high it can restart the server
-Check/secure configuration defaults on common services.
-Chkrootkit & RkHunter Installation.
Chkrootkit and RKHunter scan the server for rootkits and send you a daily report (if required) when needed
-Limit compiler & fetch utilities access to root and authorised accounts only
-Installation and configuration of APF firewall
APF will stop access to unwanted ports, a necessity in the hosting world.
-Update Control Panel and software used by control panel
-Disabling Unused Services
This is a necessity, removing and disabling unused and outdated software can cause a large security hole in your server. E.g. Telnet and SSH1
Custom security packages are available upon assessment of the situation of the server and its uses.
Cpanel Setup - $30
- Cpanel configuration – includes setup of ips, DNS, nameservers, mail server, Updates, known bug fixes
- Installation of SIM (System Integrity Monitor)
This will automatically restart and report downed services
Hourly Work Rate - $30 per hour
Having that niggling problem with your server? Need something professionally installed and configured? Give me a buzz and we can work something out. If I quote a time frame and go over I will not charge more.
What else do I do?
- Yes I can custom configure Iptables for servers
- DDOS prevention and configuration
- Custom configurations
- Problem solving
- DNS errors
- Backup solutions
- Much much more, how much you ask? Just contact me.
Supported OS:
Redhat, Fedora core 1,2,3, 4, CentOS, Red Hat Enterprise, ask ;)
Supported Panels:
Cpanel, hsphere, directadmin, plesk, lpanel ask ;)
Terms:
All work comes with a 2-day money back guarantee if it does not meet your expectations or requirements. After 2 days an inspection will need to be made for a refund. At this time, only Paypal is accepted as a method of payment, sorry for any inconveniences this may create. Payments are made after the work has been completed, Non-taxable invoice will be supplied after end of job. Payment to be received within 24 hours unless arrangements have been made
Contact:
Msn & Email: cartoonwally@hotmail.com
Website: http://www.rackpatrol.com < UNDER CONSTRUCTION
Ticket Support: http://www.rackpatrol.com/index.php?module=htmlpages&func=display&pid=2
Contact me for a free security audit on your server!
I will test your server for security faults, starting with nmap and nessus. Then I will check multiple points of security on your system. Detailed report at the end!
Advanced Security Plan
Disable Unused Services
Having more services on your server increases the security risk. Services like apmd, freeWnn and cups are unnecessary for production servers in most environments, disabling them allows for greater security and a more effective server.
Installation configuration of Iptables or APF
The installation and correct configuration of firewalls Is imperative to the security of servers. You can choose to use Iptables, which is pre-packaged with linux distributions, or use APF, a third party firewall. Both block all ports accept for ones being allowed.
Remove or restrict unneeded software
Software inactively taking up space on your server poses a big security risk as it can be activated and used against the server security. The unneeded software is also consuming valuable server resources that could be used for other things.
File Permissions and Ownership review
Having the wrong file permissions on crucial files presents a high security risk to your server. These files will be reviewed and checked to make sure the correct file permissions have been used.
Secure and verify the sticky bit for temp directories
Allowing non-authorised users to execute scripts on the server is a security risk. Securing the temporary directories will ensure that this does not happen.
Optional: Install and guide to using cryptographic file system
This allows you to encrypt vital and personal files, when you want to use it you input one command which unlocks the file, and another command to lock the file again. This will ask for passwords.
PAM installation and configuration
PAM is mainly an authentication module used to make sure that sessions, passwords, services, and user accounts don’t get out of hand. It can also be highly customised to provide custom functions such as per-user temporary directories.
Disable insecure protocols
Disable tools such as rsh, rcp, rlogin and telnet. These tools are just another open port for intruders to prey upon.
Mod Security installation and configuration
Mod_security provides elementary functionality against malicious attacks. It is an Instrusion detection and prevention system which will be yet another layer to the advanced security of your server. You can choose to have anything between aggressive rules to defensive and basic rules. Your choice!
Installation and configuration of SNORT
Snort is a network intrusion detection system used to analyse network traffic and report threats or violations on the network traffic.
Installation and configuration of Swatch
Swatch watches log files for any suspect activity, what it looks for is set by the administrator.
Patch Management
Network services, security updates and software patches will all be attended to, giving the most up to date system, providing the best security.
Installation and configuration of tripwire
Tripwire takes a snapshot of the system when it is clean, and then monitors changes at a certain interval. If a change has been detected then the admin or authorised user is notified. Note: Only on new systems.
Limit compiler and fetch utilities
Limiting the compiling utilities will stop malicious users from building their scripts on your server. Limiting fetch utilities will stop the user from fetching scripts from other servers. The utilities include gcc, rcp, wget, get, other dl utilities.
Host.conf and sysctl hardening
Basic DDOS protection against ‘kiddie’ hackers.
Nmap and Nessus testing
Nmap and Nessus will test the server for any open ports and then will try and gain access. This will inform both the user and the admin if securing is successful.
You can also select other services you want installed to help your security, including BFD, SIM, chkrootkit, mod_dosevasive, rkhunter, there are plenty more out there. You can also choose not to have some of these installed, as some do use resources.
Price - $65
- Simple Security Plan $30
- Server security assessment and report
- Logwatch installation and configuration
Logwatch watches the server activity and sends reports based on these.
-Host.conf & sysctl hardening
Spoof and DOS protection
-Secure temporary directories, using noexec and nosuid.
This prevents many hacking scripts from being executed
-BFD Installation
Checks for brute force hacking attempts against your server, when detected it will automatically add them to a blocked IP list within APF
-System Integrity monitor
Watches services, if down automatically restarts. Also watches the load and if it is too high it can restart the server
-Check/secure configuration defaults on common services.
-Chkrootkit & RkHunter Installation.
Chkrootkit and RKHunter scan the server for rootkits and send you a daily report (if required) when needed
-Limit compiler & fetch utilities access to root and authorised accounts only
-Installation and configuration of APF firewall
APF will stop access to unwanted ports, a necessity in the hosting world.
-Update Control Panel and software used by control panel
-Disabling Unused Services
This is a necessity, removing and disabling unused and outdated software can cause a large security hole in your server. E.g. Telnet and SSH1
Custom security packages are available upon assessment of the situation of the server and its uses.
Cpanel Setup - $30
- Cpanel configuration – includes setup of ips, DNS, nameservers, mail server, Updates, known bug fixes
- Installation of SIM (System Integrity Monitor)
This will automatically restart and report downed services
Hourly Work Rate - $30 per hour
Having that niggling problem with your server? Need something professionally installed and configured? Give me a buzz and we can work something out. If I quote a time frame and go over I will not charge more.
What else do I do?
- Yes I can custom configure Iptables for servers
- DDOS prevention and configuration
- Custom configurations
- Problem solving
- DNS errors
- Backup solutions
- Much much more, how much you ask? Just contact me.
Supported OS:
Redhat, Fedora core 1,2,3, 4, CentOS, Red Hat Enterprise, ask ;)
Supported Panels:
Cpanel, hsphere, directadmin, plesk, lpanel ask ;)
Terms:
All work comes with a 2-day money back guarantee if it does not meet your expectations or requirements. After 2 days an inspection will need to be made for a refund. At this time, only Paypal is accepted as a method of payment, sorry for any inconveniences this may create. Payments are made after the work has been completed, Non-taxable invoice will be supplied after end of job. Payment to be received within 24 hours unless arrangements have been made
Contact:
Msn & Email: cartoonwally@hotmail.com
Website: http://www.rackpatrol.com < UNDER CONSTRUCTION
Ticket Support: http://www.rackpatrol.com/index.php?module=htmlpages&func=display&pid=2