  1. #1
    Join Date
    Aug 2006
    Posts
    76

    question about server hardening and 1-time deals you see around

    I've seen some pretty intensive hardening deals, they seem to cost around $200. If you have one of these done how long are you 'good' for? 1 month, 2, 3, 6? I can't really afford $100 a month initially so was considering a 1 time hardening and then maybe 2-3 months down the road subscribing to a service. Thanks for any advice! I am running CentOS WHM/cPanel. I'm considering attacker.net.

  2. #2
    Join Date
    Mar 2009
    Posts
    47
    Quote Originally Posted by BillyT View Post
    I've seen some pretty intensive hardening deals, they seem to cost around $200. If you have one of these done how long are you 'good' for? 1 month, 2, 3, 6? I can't really afford $100 a month initially so was considering a 1 time hardening and then maybe 2-3 months down the road subscribing to a service. Thanks for any advice! I am running CentOS WHM/cPanel. I'm considering attacker.net.
    I believe Rack911.com has a package that would suit your needs. I haven't had first-hand experience with them, but they have a lot of happy customers floating around WHT.

    You may also want to look at posting your requirements into the Systems Management Requests forum.

  3. #3
    Join Date
    Mar 2009
    Location
    /usr/bin/perl
    Posts
    971
    What does server hardening even mean? This is a question you should ask yourself before purchasing any of these services. Make the company you are considering give you a list of things that they're actually going to do, and then go and google how hard it is to actually do what they propose. If they won't give you a list then that should be a very good indication that they don't actually do much at all.

  4. #4
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,250
    Be wary of companies that offer a one-size-fits-all security package. Oftentimes it won't be a good solution for your application. I see companies that offer 'exim dictionary attack protection' in their package. Sure, it sounds good. But what if you're running postfix, qmail (Plesk for example)? It can't be applied to your server. Are they going to offer you a discount because it's not applicable? Probably not. Are they going to install something comparable that works with your MTA? I don't know.

    Certain control panels need different things taken into account.

    cPanel for example... /scripts/upcp upgrades the control panel and applicable software (exim, courier or dovecot, ftp daemon, your webmail, etc).

    DirectAdmin, on the other hand, is more involved. All too often I see a company upgrade a DirectAdmin server, but fail to upgrade things like SquirrelMail or phpMyAdmin... THESE THINGS HAVE HAD SERIOUS EXPLOITS! There is a procedure to upgrading them that most people overlook.

    Be sure the company you work with is doing all they can to make your server secure.

    Some packages include 'items' that have nothing to do with security, but are instead 'management' aids, etc.

    For example, installing mytop is not security, but it helps an admin manage his / her server. If you are looking to get a management service down the road you don't need this. It adds weight to a company's offering but it is not security.

    There are also companies that install zend optimizer, ioncube, and eaccelerator as part of their security package. Keep in mind, while these are useful to have, they are not contributing to the security of your server.

    The number one thing people need is an updated kernel. It should be the first layer of security applied to a server. Having an outdated kernel can lead to easy escalation of privileges from a user to root access. We have been seeing a large number of hacked servers from the recent sock_sendpage() NULL pointer dereference exploit. With the easy accessibility to WORKING exploits, there are a ton of people being exploited via simple PHP RFI exploits. Once they have root they can do anything: deface, delete, steal your content, launch more advanced attacks on other servers. All of those can lead to a damaged business.

    How long a package lasts? It depends. You could go a month without a serious exploit, or one can be released next week.

    Whichever company you choose, even if you cannot afford a full management plan, ask them if they offer a proactive security upgrade service at a lower price. That way you can at least stay secure.

    One more thing, when shopping for a management company, I would be looking for one that is proactive versus reactive. They cost more, but your business will be better protected.
    Last edited by Steven; 10-03-2009 at 07:00 PM.
    Steven Ciaburri | Proactive Linux Server Management - Rack911.com
    System Administration Extraordinaire | Follow us on twitter:@Rack911Labs
    Managed Servers (AS62710), Server Management, and Security Auditing.
    www.HostingSecList.com - Security notices for the hosting community.

  5. #5
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,250
    Quote Originally Posted by jarrodsl View Post
    What does server hardening even mean? This is a question you should ask yourself before purchasing any of these services. Make the company you are considering give you a list of things that they're actually going to do, and then go and google how hard it is to actually do what they propose. If they won't give you a list then that should be a very good indication that they don't actually do much at all.
    This is a poor way to look at it. I don't give a list upfront because every server needs something different.

    Go ahead and google. Just because it was written 6 months ago doesn't mean the information is going to be valid or accurate today. The versions in many of the tutorials on the net are old, and the average person just copies and pastes. If that's what a person is going to do, more power to them and their server.

    As another note:

    Everyone, next time you're in your server take a look at your sshd log and do a dig on the IPs hitting your sshd server. It's not uncommon to find well known and respected companies attacking your server with their hacked servers.
    Steven Ciaburri | Proactive Linux Server Management - Rack911.com
    System Administration Extraordinaire | Follow us on twitter:@Rack911Labs
    Managed Servers (AS62710), Server Management, and Security Auditing.
    www.HostingSecList.com - Security notices for the hosting community.
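
The sshd-log check suggested in the post above, as an added example that is not part of the original thread. It assumes the CentOS log location `/var/log/secure` and OpenSSH's usual "Failed password" line format; the function names are hypothetical and the sample log lines are constructed.

```shell
#!/bin/sh
# Added example (not from the thread): failed SSH logins per source address.
# Function names are hypothetical; the log lines below are constructed.

# Constructed sample in /var/log/secure format, documentation addresses only.
sample_log() {
cat <<'EOF'
Oct  3 18:12:01 host sshd[2211]: Failed password for root from 203.0.113.7 port 40112 ssh2
Oct  3 18:12:05 host sshd[2213]: Failed password for invalid user admin from 203.0.113.7 port 40120 ssh2
Oct  3 18:13:00 host sshd[2220]: Accepted publickey for billy from 192.0.2.10 port 51000 ssh2
Oct  3 18:14:10 host sshd[2230]: Invalid user test from 198.51.100.23
Oct  3 18:14:12 host sshd[2230]: Failed password for invalid user test from 198.51.100.23 port 33010 ssh2
Oct  3 18:15:40 host sshd[2241]: Failed password for invalid user a from 192.0.2.99 from 203.0.113.7 port 40130 ssh2
EOF
}

# Read an sshd log on stdin, print "count address", busiest source first.
# The user name in these lines is supplied by the client and may itself
# contain " from ", so the address is taken anchored to the end of the line.
failed_ssh_sources() (
    export LC_ALL=C   # byte-wise matching and a stable sort order
    grep 'sshd\[[0-9]*]: Failed password for ' |
        sed -n 's/.* from \([0-9a-fA-F.:][0-9a-fA-F.:]*\) port [0-9]* ssh2$/\1/p' |
        sort | uniq -c | awk '{print $1, $2}' | sort -k1,1nr -k2,2
)

# Add the PTR name for each source (needs dig and network access).
# The PTR record is set by whoever controls the address block: a hint only.
lookup_sources() {
    failed_ssh_sources | while read -r count ip; do
        ptr=$(dig +short -x "$ip" | head -n 1)
        printf '%s\t%s\t%s\n' "$count" "$ip" "${ptr:-no-PTR}"
    done
}

sample_log | failed_ssh_sources
```

On a live server, feed it the real log instead: `failed_ssh_sources < /var/log/secure`, or `lookup_sources < /var/log/secure` to add the reverse-DNS names.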

  6. #6
    Join Date
    Mar 2009
    Location
    /usr/bin/perl
    Posts
    971
    Quote Originally Posted by Steven View Post
    This is a poor way to look at it. I don't give a list upfront because every server needs something different.

    Go ahead and google. Just because it was written 6 months ago doesn't mean the information is going to be valid or accurate today. The versions in many of the tutorials on the net are old, and the average person just copies and pastes. If that's what a person is going to do, more power to them and their server.

    As another note:

    Everyone, next time you're in your server take a look at your sshd log and do a dig on the IPs hitting your sshd server. It's not uncommon to find well known and respected companies attacking your server with their hacked servers.
    I fundamentally disagree.

    Applying security updates, turning off or limiting access to unnecessary networked services, and using strong passwords or public keys is 99.995% of the battle. As much as those "in the business" of hardening servers might want to make these tasks sound like some sort of arcane science, the fact is that the procedures are relatively straightforward and well documented.

    Now, sure, if there's an experienced blackhat who is hell-bent on infiltrating your network you may need to go above and beyond the steps I've outlined. I have a hard time believing that one-time "server hardening" is going to protect you either, though.

    But hey, if it helps you sleep better at night, there's no premium you can place on that . . .

  7. #7
    Join Date
    Apr 2007
    Location
    US, UK, Europe, ME
    Posts
    256
    Hello,

    If you have one of these done how long are you 'good' for?
    A one-time hardening package/initial setup and security hardening package is for the server admin that is comfortable maintaining a server and updating as necessary, but not a security expert.

    Everything should be done manually and customized to fit the client's needs. It's a must to review and set up everything manually to get everything set up properly; security is not running pre-made scripts.

    And YES, it helps a lot. If you already have a patched kernel, a secured environment, and multi-layered protection, and everything is in place, you can detect/identify/defend against threats and you should be fine, and it's better than nothing.

    Finally, any server management company should be able to offer security upgrade services as incident/hourly support.

    Good luck BillyT.

    Thanks
    Server Management - Attacker.NET
    Linux & Windows Server Management | Security Services | Outsourced support | High Availability
    Certified Information Security Professionals.
    E-mail sales@attacker.net

  8. #8
    Join Date
    May 2007
    Posts
    271
    Since you mentioned $100 is too much, I agree. You should check the package that platinumservermanagement.com offers. It might be what you are looking for.
    They call me the bread baker

  9. #9
    Join Date
    May 2009
    Location
    Atlanta,GA
    Posts
    85
    Quote Originally Posted by stebaker View Post
    Since you mentioned $100 is too much, I agree. You should check the package that platinumservermanagement.com offers. It might be what you are looking for.
    PSM is your best option

  10. #10
    Join Date
    Nov 2004
    Location
    India
    Posts
    1,101
    Starting from $25 to $xxx budget, there are so many companies around to offer hardening or server support packages. Do not worry about your budget.
    Last edited by writespeak; 10-12-2009 at 02:46 PM.

  11. #11
    Greetings:

    There is no such thing as a one time server hardening.

    Server security requires an initial hardening, and then ongoing work to keep it secure and hardened.

    I don't know of any tool that tells you how long a server hardening will last until the risk is too great; your best bet is to take security extremely seriously, secure the server, and keep it secured.

    Thank you.
    ---
    Peter M. Abraham
    LinkedIn Profile

  12. #12
    Join Date
    Sep 2009
    Location
    Atlanta, GA
    Posts
    78
    Most of the server "hacks" I have seen recently involve a client computer (not the server) getting malware on it, and then sniffing a password via keystrokes or data-streams. Making sure your home computer is secure is extremely important, not just server hardening.

  13. #13
    $25 to "harden" a server is extremely low... don't expect any type of serious security on a $25 budget as hardening can be extremely extensive such as grsecurity, access control, HIDS setup, NIDS setup, package updates, and package hardening and system hardening... to do all this on a normal system serving dns, http, email, etc I wouldn't charge less than $2000

  14. #14
    Join Date
    Apr 2009
    Location
    whitehouse
    Posts
    642
    Server hardening is perpetual. It never ends. You never know when a new exploit is going to pop up on the server; it could be with the kernel or with any of the application software installed. The best way to protect yourself is to regularly update your software on the server, apply the security patches, set strong passwords, disable unwanted services, etc.

    Quote Originally Posted by BillyT View Post
    I've seen some pretty intensive hardening deals, they seem to cost around $200. If you have one of these done how long are you 'good' for? 1 month, 2, 3, 6? I can't really afford $100 a month initially so was considering a 1 time hardening and then maybe 2-3 months down the road subscribing to a service. Thanks for any advice! I am running CentOS WHM/cPanel. I'm considering attacker.net.
    James B
    Ezeelogin | Setup your Secure Linux SSH Gateway.
    |Manage & Administer Multiple Linux Servers Quickly & Securely.

  15. #15
    Join Date
    Sep 2009
    Location
    Atlanta, GA
    Posts
    78
    It's also very important that you make sure your code, and all your developers' code, avoid exploitable practices.
