Steven
01-28-2006, 12:33 PM
Need to brush up on your server security? We can do this for you. We have put together the perfect combination of functionality and security for shared webhosting providers.
Limit compiler & fetch utilities access to root only
Limit access to certian binarys and utilities from users other than root.
Correct folder permissions to prevent directory transversal
Correct permissions on certian directorys which users should not have read access to.
Disable Unused services
Disable unused services not required on webservers.
Update all server/control panel software
Update all server and control panel related software to stable secure versions.
Remove os default users & groups
Remove unneeded default os users and groups.
Remove uneeded operating system packages
Remove uneeded rpm packages which could lead to security vulnerablities.
Harden host.conf
Prevent dns poisening and no spoof enable.
Disable certain php functions (system,exec,shell_exec)
This is done, unless requested not be done. Disable system, exec, shell_exec, dl
Configure Anti-Spam solution for email
Configure our own setup of spam assassin
Configure Anti-Virus solution for email
Configure clamav to scan email.
Install and configure Mod_security for apache
Install mod_security and configure it to block common web attacks.
Install and configure Mod_dosevasive for apache
Mod_evasive blocks dos attempts on apache.
Installation of APF (Advanced Policy Firewall)
Iptables frontend to restrict access to unneeded ports.
Installation of BFD (Brute Force Protection)
Automated bruteforce blocking.
Installation of PRM (Process Resource Monitor)
Monitors resource usage and kills processes going over limit.
Installation of SIM (System Integrity monitor)
Ensures services stay online.
Installation of Chkrootkit (daily reports will be sent)
Installation of Rkhunter (daily reports will be sent)
Checks server for common known rootkits.
Upgrade kernel to latest os release (add grsecurity or openwall - $10)
Ensure kernel is updated.
Enforce LCAP limitations
Disable certian kernel functions.
Disable IP Source Routing
Disable ICMP Redirect Acceptance
Enable IP Spoofing Protection
Enable syncookie Protection
Enable misc. sysctl settings
$85
Kernel upgrades:
2.6 with grsecurity - $35
2.4 with grsecurity - $25
Contact sales@Rack911.com for more information.
You can view our other services at http://www.rack911.com
We accept 2checkout and paypal
Limit compiler & fetch utilities access to root only
Limit access to certian binarys and utilities from users other than root.
Correct folder permissions to prevent directory transversal
Correct permissions on certian directorys which users should not have read access to.
Disable Unused services
Disable unused services not required on webservers.
Update all server/control panel software
Update all server and control panel related software to stable secure versions.
Remove os default users & groups
Remove unneeded default os users and groups.
Remove uneeded operating system packages
Remove uneeded rpm packages which could lead to security vulnerablities.
Harden host.conf
Prevent dns poisening and no spoof enable.
Disable certain php functions (system,exec,shell_exec)
This is done, unless requested not be done. Disable system, exec, shell_exec, dl
Configure Anti-Spam solution for email
Configure our own setup of spam assassin
Configure Anti-Virus solution for email
Configure clamav to scan email.
Install and configure Mod_security for apache
Install mod_security and configure it to block common web attacks.
Install and configure Mod_dosevasive for apache
Mod_evasive blocks dos attempts on apache.
Installation of APF (Advanced Policy Firewall)
Iptables frontend to restrict access to unneeded ports.
Installation of BFD (Brute Force Protection)
Automated bruteforce blocking.
Installation of PRM (Process Resource Monitor)
Monitors resource usage and kills processes going over limit.
Installation of SIM (System Integrity monitor)
Ensures services stay online.
Installation of Chkrootkit (daily reports will be sent)
Installation of Rkhunter (daily reports will be sent)
Checks server for common known rootkits.
Upgrade kernel to latest os release (add grsecurity or openwall - $10)
Ensure kernel is updated.
Enforce LCAP limitations
Disable certian kernel functions.
Disable IP Source Routing
Disable ICMP Redirect Acceptance
Enable IP Spoofing Protection
Enable syncookie Protection
Enable misc. sysctl settings
$85
Kernel upgrades:
2.6 with grsecurity - $35
2.4 with grsecurity - $25
Contact sales@Rack911.com for more information.
You can view our other services at http://www.rack911.com
We accept 2checkout and paypal