Results 1 to 11 of 11
-
03-02-2004, 06:19 PM #1Junior Guru
- Join Date
- Aug 2002
- Posts
- 215
Security measures when running your own server
my dinix dedicated server (well vps at the moment) is going great
im picking things up quickly but i guess im still a newbie at this although im starting to remember all the unix commands from my uni days
anyhoo - here goes - a lovely cookie to anyone who can help and a poison apple to anyone who suggests i use the search option on the site or look at old thread - shame on you!!!
What kind of security does servers have in place when you get them - i.e. are the default settings strong on security or quite poor?
What does everyone else do for security - do you install certain scripts -or do you change certain settings in whm ?
Are there certain scripts or certain scripts that make security more vulnerable?
I was planning on running a small hosting company - i dont want to do it for another 7 or 8 months til i think im totally sorted with all aspects of running a hosting site - However, im being drawn into it a lot quicker because of requests from friends and forum members. Does anyone know of some good tutorial/article sites (obviously wht is great for this as well) to learn all this?
Many thanks,
KevinKevin Muldoon - Blogging, WordPress, Internet Marketing
Rise Forums - Internet Marketing Discussion Forum
-
03-02-2004, 06:23 PM #2Retired Moderator
- Join Date
- Nov 2002
- Location
- WebHostingTalk
- Posts
- 8,901
Re: Security measures when running your own server
Originally posted by fonzerelli79
my dinix dedicated server (well vps at the moment) is going great
im picking things up quickly but i guess im still a newbie at this although im starting to remember all the unix commands from my uni days
anyhoo - here goes - a lovely cookie to anyone who can help and a poison apple to anyone who suggests i use the search option on the site or look at old thread - shame on you!!!
What kind of security does servers have in place when you get them - i.e. are the default settings strong on security or quite poor?
Kevin
It's kind of like asking, "I bought this car, will it catch fire and blow up". All providers offer different levels of O/S hardening, out of the box.... or... managed services to harden the box.
Most default settings are pretty poor, but again, it depends on how the box was built. I would suggest using the SEARCH to find someone who could walk through your boxes config, with you and offer some security suggestions.
I hear "thelinuxguy" is pretty good.
Sirius
-
03-02-2004, 06:27 PM #3Junior Guru
- Join Date
- Aug 2002
- Posts
- 215
thanks sirious - though ive already looked at numerous threads on the issue here - a lot tend to talk about it but not talk about it if that makes sense - like members ask questions then come back and say no ive sorted it
ill maybe look into the linux guys posts moreKevin Muldoon - Blogging, WordPress, Internet Marketing
Rise Forums - Internet Marketing Discussion Forum
-
03-02-2004, 06:48 PM #4Web Hosting Master
- Join Date
- Feb 2004
- Posts
- 631
Have you checked out hostinglife? They've got sections there on strengthening your box.
-
03-02-2004, 06:51 PM #5Junior Guru
- Join Date
- Aug 2002
- Posts
- 215
good link
Kevin Muldoon - Blogging, WordPress, Internet Marketing
Rise Forums - Internet Marketing Discussion Forum
-
03-02-2004, 06:56 PM #6Web Hosting Master
- Join Date
- Dec 2003
- Posts
- 565
www.hostinglife.com
start here and i think you will be ok
-
03-02-2004, 07:37 PM #7Web Hosting Master
- Join Date
- Dec 2001
- Posts
- 5,221
Greetings Kevin:
For Unix-based systems, this should include the following:
* Disable telnet.
* Limit SSH access to specific IP addresses.
* Disable direct root login.
* Remove unnecessary packages / software.
* Harden the kernel against synflood and basic DOS attacks.
* Remove common user access to compilers and fetching software (wget, fetch, lynx, etc.).
* Ensure /tmp is in its own partition with noexec, nosuid.
* Ensure kernel and software is up to date.
* Remove unnecessary users and groups.
* Install chkrootkit, logwatch, tripwire.
* Install a firewall, and port scan detector.
* For Apache servers, install mod_security and configure for use with FrontPage, PHPMyAdmin, Site Studio, and other common applications.
* Secure DNS Servers
* Utilize firewall automation to mitigate brute force FTP, syn floods, mail bombs, and out-of-network trojan’d servers from impacting your servers
It is important to note that security is an ongoing venture. Even if you were to take all of the steps listed above, you would still have a regular routine of review, update, research, patch, etc.
Thank you.
-
03-02-2004, 07:39 PM #8Junior Guru
- Join Date
- Aug 2002
- Posts
- 215
fantastic post dynamicnet - youve definately helped me out a lot
Kevin Muldoon - Blogging, WordPress, Internet Marketing
Rise Forums - Internet Marketing Discussion Forum
-
03-02-2004, 08:35 PM #9Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
lol thats got to be a premade post
btw, fonzerelli79 if u got msn. id be happy to guide u threw some security.Steven Ciaburri | Industry's Best Server Management - Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance
-
03-03-2004, 11:16 AM #10Newbie
- Join Date
- Mar 2004
- Posts
- 8
Originally posted by Boost
www hostinglife.com
start here and i think you will be ok
I trully believe that if we help each other, will will ALL prosper together as VERY good friends just like Open Source.
Trully a great idea.
Kuddos to them
-
03-03-2004, 11:18 AM #11Newbie
- Join Date
- Mar 2004
- Posts
- 8
Hey Guys,
here is another free help site to setup/manage servers.
hostinghacks.net