LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 08-27-2011, 04:33 AM   #1
elieobeid7
LQ Newbie
 
Registered: Jul 2011
Posts: 21

Rep: Reputation: Disabled
What are the most important security software on centos vps


i have a centos vps with lamp and ffmpeg and these libraries, I don't have a cpanel or any hosting panel, I have parallel virtuozzo which offers a firewall. now i have 2 questions:

1- I have a cpanel so should I worry about my server side security or should my company worries about that

2-If it's me who should protect everything from everyone lol what should i install on the vps? and by the way it's the first time i use parallel virtuozzo, coz my previous hosting provider has open panel, I know that parallel virtuozzo is the best (i read that on forums ) but is the firewall enough or do i have to install another one

Last edited by elieobeid7; 08-29-2011 at 04:07 PM.
 
Old 08-29-2011, 03:03 PM   #2
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776
How to harden a server is a very broad topic. Each application has its own requirements and adds it's own complexities to the mix. One very important thing to think of as you investigate the process is that you want to apply your security in layers. For example, use a hardware firewall and only open the required ports, then prohibit access from anywhere except the firewall, and then program the application with further restrictions. While each of these may seem to accomplish the same thing, they are additional hurdles that a would be intruder must get past. Another thing to keep in mind is that having users authenticate with multiple pieces of information, such as having a key and knowing a password is much better than password alone. Also keep in mind the concept of least privilege. Don't allow more ports than you require, don't give users permissions that they don't need, don't run as root simply because you can and instead elevate to root to perform the required task and then drop this privilege.

With an application like CPANEL (it isn't clear if you are using it or not, you say you are and you are not), you should keep management interfaces so that they are not publicly available. Instead keep them on a private interface and require either a VPN connection or at least an SSH tunnel. Other programs, such as Apache, are generally good out of the box, but you need to be careful what you add to them, especially custom PHP based applications. You will want to definately want to make sure that you keep your applications patched and up to date.

Lastly, search this forum for many of the server hardening threads. These will have many suggestions. You should also check out the security references sticky at the top of the forum thread list.
 
1 members found this post helpful.
Old 08-29-2011, 06:17 PM   #3
elieobeid7
LQ Newbie
 
Registered: Jul 2011
Posts: 21

Original Poster
Rep: Reputation: Disabled
I don't have a cpanel, paralell virtuozzo is the vps panel, like open panel, where you format your vps, install a new OS...it comes by default from vps provider, but not a cpanel that you install which installs php phpmyadmin and so on
 
  


Reply

Tags
centos, security, vps


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Securing a Linux Centos VPS MisterTickle Linux - Security 1 02-07-2011 11:42 AM
Quick, Easy "Security Cheat Sheet" for new Centos 5.4 VPS? paulsm4 Linux - Security 5 04-26-2010 02:19 PM
CentOS 5.3 VPS and RealVNC TheN00B Linux - Server 1 03-11-2010 11:36 AM
Xvnc will not start (CentOS vps) WojtekO Linux - Software 1 11-09-2006 05:51 PM
VPS security?? itware Linux - Security 2 05-06-2004 11:02 AM


All times are GMT -5. The time now is 10:43 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration