Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
I have been messing around with hosting a website a little bit. The other day, it got hacked I believe, as suddenly the entire directory of information was gone without a trace.
I didn't see any login attempts through ssh, or ftp, so I was unsure about how it happened. Either an exploit of some sort, or my own error? No idea.
I installed a fresh copy of Fedora 6 and would like to go back online. But where are some good resources, or a checklist of sorts to make sure I didn't miss anything, so I can sleep better at night?
Where would I go to find exploits of apache and such so I can keep up on the times?
Many thanks,
Last edited by neocontrol; 05-06-2010 at 01:38 PM.
You might consider using CentOS instead of Fedora Core. You could enable the firewall and SELinux upon install. Extensive logging is enabled, making it easier to follow break-in attempts and the aftermath of hacking.
You could then install something like DenyHosts python script to block multiple login failures.
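The failure-counting idea behind the DenyHosts suggestion above, as an added example that is not part of the original thread and is not DenyHosts' own code: it counts failed sshd password attempts per source address in `/var/log/secure`-style lines and formats repeat offenders as `/etc/hosts.deny` entries. The sample log, the threshold of 3 and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in the sshd syslog format written to /var/log/secure.
SAMPLE_LOG = """\
May  6 03:12:01 web sshd[2101]: Failed password for root from 203.0.113.7 port 40112 ssh2
May  6 03:12:04 web sshd[2103]: Failed password for invalid user admin from 203.0.113.7 port 40120 ssh2
May  6 03:12:09 web sshd[2105]: Failed password for invalid user test from 203.0.113.7 port 40131 ssh2
May  6 03:15:40 web sshd[2110]: Failed password for neo from 198.51.100.23 port 51514 ssh2
May  6 03:15:52 web sshd[2112]: Accepted password for neo from 198.51.100.23 port 51520 ssh2
May  6 03:20:11 web sshd[2120]: Invalid user oracle from 203.0.113.7
May  6 03:21:00 web httpd[900]: Failed password for root from 192.0.2.99 port 1 ssh2
May  6 03:22:10 web sshd[2130]: Failed password for invalid user x from 192.0.2.50 port 22 ssh2 from 203.0.113.7 port 40200 ssh2
"""

# The user name is chosen by the remote client, so it can contain text that
# looks like a log suffix (last sample line). The greedy (.*) plus the "$"
# anchor make the captured address the one sshd appended at the end of the line.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(.*) "
    r"from (\d{1,3}(?:\.\d{1,3}){3}) port \d+ ssh2$"
)

def failed_logins(log_text):
    """Count failed sshd password attempts per source address."""
    counts = Counter()
    for line in log_text.splitlines():
        match = FAILED.search(line)
        if match:
            counts[match.group(2)] += 1
    return counts

def offenders(log_text, threshold=3, allowlist=()):
    """Addresses with at least `threshold` failures, minus allowlisted ones."""
    counts = failed_logins(log_text)
    return sorted(ip for ip, n in counts.items()
                  if n >= threshold and ip not in allowlist)

def hosts_deny_lines(ips):
    """TCP-wrappers entries in /etc/hosts.deny syntax, one per address."""
    return [f"sshd: {ip}" for ip in ips]

if __name__ == "__main__":
    for entry in hosts_deny_lines(offenders(SAMPLE_LOG)):
        print(entry)
```

Pass your own management address in `allowlist` so a few mistyped passwords cannot lock you out of the server.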
Quote: "Where would I go to find exploits of apache and such so I can keep up on the times?"
If you want to keep up on bleeding edge stuff that's just released, one of the infosec mailing lists is the way to go, like bugtraq or full-disclosure. The signal-to-noise ratio can be a bit low on those, especially if you're interested in just Apache vulns, so you may want an Apache-specific list.
Probably the single most effective measure you can take is to turn on nightly YUM updates, so that your server will be fully patched at all times. If you are hosting anything with dynamic content like CGI scripts, PHP or third-party add-ons like phpBB bulletin boards, then you need to independently monitor their security status, as they will not be automatically updated (PHP core files will be). Also, many of these add-ons have individual security tweaks that can be very helpful, like turning off register_globals in pre-4.2 versions of PHP. I'd also second using mod_security.