Server Security Questions
Hey guys,
I was wondering what I should do on my server to make it more secure.
I have
FTP - no anonymous / users locked to thier home
Apache - didn't do anything
SSH - I couldn't figure a way to only give 1 login attempt so I gave 2. No remote root. Still on port 22 but thinking about changing it.
I run fc6. If there is anything you guys can thing of to help secure my server please let me know.
Thanks,
nomb
If you would like I can post my iptables. OH, I also am running splunk. I was wondering how I can add an iptables rule to only allow the web interface of splunk to be view using the loopback address. Or should I just block it in the router and not on ther server so if I'm on another computer on my lan I can still view the logs. Also I notice when I was captureing my network traffic ftp logins are in plaintext... What can I do about that?
|