Results 1 to 3 of 3
  1. #1
    Join Date
    Apr 2004

    Server Security and Administration

    Hey guys, here are my server security and administration plans that I am offering to the public. Most of you guys have encountered me around these boards. So, if you need to know some information about services I offer or what you require then just give me a yell.

    Contact me for a free security audit on your server!

    I will test your server for security faults, starting with nmap and nessus. Then I will check multiple points of security on your system. Detailed report at the end!

    Advanced Security Plan

    Disable Unused Services

    Having more services on your server increases the security risk. Services like apmd, freeWnn and cups are unnecessary for production servers in most environments, disabling them allows for greater security and a more effective server.

    Installation configuration of Iptables or APF

    The installation and correct configuration of firewalls Is imperative to the security of servers. You can choose to use Iptables, which is pre-packaged with linux distributions, or use APF, a third party firewall. Both block all ports accept for ones being allowed.

    Remove or restrict unneeded software

    Software inactively taking up space on your server poses a big security risk as it can be activated and used against the server security. The unneeded software is also consuming valuable server resources that could be used for other things.

    File Permissions and Ownership review

    Having the wrong file permissions on crucial files presents a high security risk to your server. These files will be reviewed and checked to make sure the correct file permissions have been used.

    Secure and verify the sticky bit for temp directories

    Allowing non-authorised users to execute scripts on the server is a security risk. Securing the temporary directories will ensure that this does not happen.

    Optional: Install and guide to using cryptographic file system

    This allows you to encrypt vital and personal files, when you want to use it you input one command which unlocks the file, and another command to lock the file again. This will ask for passwords.

    PAM installation and configuration

    PAM is mainly an authentication module used to make sure that sessions, passwords, services, and user accounts don’t get out of hand. It can also be highly customised to provide custom functions such as per-user temporary directories.

    Disable insecure protocols

    Disable tools such as rsh, rcp, rlogin and telnet. These tools are just another open port for intruders to prey upon.

    Installation and configuration of SNORT

    Snort is a network intrusion detection system used to analyse network traffic and report threats or violations on the network traffic.

    Installation and configuration of Swatch

    Swatch watches log files for any suspect activity, what it looks for is set by the administrator.

    Patch Management

    Network services, security updates and software patches will all be attended to, giving the most up to date system, providing the best security.

    Installation and configuration of tripwire

    Tripwire takes a snapshot of the system when it is clean, and then monitors changes at a certain interval. If a change has been detected then the admin or authorised user is notified.

    Limit compiler and fetch utilities

    Limiting the compiling utilities will stop malicious users from building their scripts on your server. Limiting fetch utilities will stop the user from fetching scripts from other servers.

    Host.conf and sysctl hardening

    Basic DDOS protection against ‘kiddie’ hackers.

    Nmap and Nessus testing

    Nmap and Nessus will test the server for any open ports and then will try and gain access. This will inform both the user and the admin if securing is successful.

    You can also select other services you want installed to help your security, including BFD, SIM, chkrootkit, mod_dosevasive, rkhunter, there are plenty more out there.

    Price - $65

    - Simple Security Plan $30

    - Server security assessment and report
    - Logwatch installation and configuration
    Logwatch watches the server activity and sends reports based on these.
    -Host.conf & sysctl hardening
    Spoof and DOS protection
    -Secure temporary directories, using noexec and nosuid.
    This prevents many hacking scripts from being executed
    -BFD Installation
    Checks for brute force hacking attempts against your server, when detected it will automatically add them to a blocked IP list within APF
    -System Integrity monitor
    Watches services, if down automatically restarts. Also watches the load and if it is too high it can restart the server
    -Check/secure configuration defaults on common services.
    -Chkrootkit & RkHunter Installation.
    Chkrootkit and RKHunter scan the server for rootkits and send you a daily report (if required) when needed
    -Limit compiler & fetch utilities access to root and authorised accounts only
    -Installation and configuration of APF firewall
    APF will stop access to unwanted ports, a necessity in the hosting world.
    -Update Control Panel and software used by control panel
    -Disabling Unused Services
    This is a necessity, removing and disabling unused and outdated software can cause a large security hole in your server. E.g. Telnet and SSH1

    Custom security packages are available upon assessment of the situation of the server and its uses.

    Cpanel Setup - $30
    - Cpanel configuration – includes setup of ips, DNS, nameservers, mail server, Updates, known bug fixes
    - Installation of SIM (System Integrity Monitor)
    This will automatically restart and report downed services

    Hourly Work Rate - $30 per hour
    Having that niggling problem with your server? Need something professionally installed and configured? Give me a buzz and we can work something out. If I quote a time frame and go over I will not charge more.

    What else do I do?

    - Yes I can custom configure Iptables for servers
    - DDOS prevention and configuration
    - Custom configurations
    - Problem solving
    - DNS errors
    - Backup solutions
    - Much much more, how much you ask? Just contact me.

    Supported OS:
    Redhat, Fedora core 1,2,3, CentOS, Red Hat Enterprise

    Supported Panels:
    Cpanel, hsphere, directadmin

    All work comes with a 2-day money back guarantee if it does not meet your expectations or requirements. After 2 days an inspection will need to be made for a refund. At this time, only Paypal is accepted as a method of payment, sorry for any inconveniences this may create. Payments are made after the work has been completed, Non-taxable invoice will be supplied after end of job. Payment to be received within 24 hours unless arrangements have been made

    AIM: wsukmatt
    Msn & Email: [email protected]
    I prefer the use of msn

  2. #2
    Join Date
    Apr 2003
    Atlanta, Jawja
    Got a site with your services? I'm possibly interested in seeing what you can offer.
    Douglas Hazard - Certifiable Sports Junkie and Sports Community Enthusiast

    Host of Two Cents Radio - Follow @TwoCentsRadio on Twitter (@BearlyDoug on Twitter)

  3. #3
    Join Date
    Apr 2004
    Hi Douglas,
    I used to, unfortunately the company i worked for fell through, so i am in the process of rebuilding and working things out. Talking to me about it will be much more informative then any website. Do you have a contact?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts