Results 1 to 5 of 5
Thread: How do you check client files?
-
05-27-2003, 02:17 PM #1Web Hosting Master
- Join Date
- Oct 2002
- Posts
- 1,611
How do you check client files?
I'm curious: how do server admins watch out for which files - uploaded by clients - may present a security threat or not?
-
05-27-2003, 02:41 PM #2Disabled
- Join Date
- Feb 2003
- Posts
- 344
I think that what you're suggesting is impractical. Your best bet would be to first secure your system (kernel patches, modified partition permissions, etc.) which will safe guard you against the majority of security related issues.
Second you may want to create a few scripts that will scan home directories for insecure formmail, known names of trojans & the likes as well as stuff that you do not permit (outlined in your AUP). Have the results of these scans emailed each morning or whatever interval you choose.
Watch your servers load (day by day), traffic output/input and any new users you install. Chances are customers who have been on your machine for 6 + months are not going to do the damage (unless they have their password guessed, cracked, whatever).
Keep your system software up to date.
-
05-27-2003, 03:12 PM #3Web Hosting Master
- Join Date
- Dec 2002
- Location
- The Shadows
- Posts
- 2,925
Set up a simple script to check for the files... Have some strict security settings implemented... And be careful who you give cgi-bin and ssh access to.
Dan Sheppard ~ Freelance whatever
-
05-26-2004, 02:36 PM #4Disabled
- Join Date
- May 2004
- Posts
- 100
ah, ansdrewipp you shouldn't post that way in webhostingtalk, please read the rules carefully...
-
05-26-2004, 02:38 PM #5Disabled
- Join Date
- May 2004
- Posts
- 100
i'm pretty sure there are programs/scripts out there that do what you want, actually i was looking for the same thing..
try looking on hotscripts.com
i'll let you know if i get hold of something