LinuxQuestions.org
Old 03-30-2016, 04:02 AM   #31
skyred5
LQ Newbie
 
Registered: Mar 2016
Posts: 14

Original Poster
Rep: Reputation: Disabled

Quote:
Originally Posted by jefro
There are many ways to harden a server. The more "best practices" you learn and employ the more secure it will be.

I don't agree with all of these but it is a start. http://www.cyberciti.biz/tips/linux-security.html

Your vendor should provide you with a set of parameters too.

Stuff older like this helps too. https://www.nsa.gov/ia/_files/factsh...phlet-i731.pdf

https://www.sans.org/media/score/che...xchecklist.pdf
Thanks for your input on this. I will be starting to rebuild the server soon. Will look at the links provided to strengthen security.
 
Old 05-05-2016, 08:12 PM   #32
skyred5
LQ Newbie
 
Registered: Mar 2016
Posts: 14

Original Poster
Rep: Reputation: Disabled
Just want to provide an update that I have managed to rebuild the DB server and the malware is gone. Thanks again for all the information provided. Cheers!
 
Old 05-05-2016, 08:36 PM   #33
sag47
Senior Member
 
Registered: Sep 2009
Location: Raleigh, NC
Distribution: Ubuntu, PopOS, Raspbian
Posts: 1,899
Blog Entries: 36

Rep: Reputation: 477
Quote:
Originally Posted by unSpawn
Here the only approach is to set up a new server, harden it properly and then migrate data but only after thorough inspection.
I agree with this assessment. The more pressing matter is active logins. I recommend blocking all network access to the server. Right now it serves as a jump box to further hack and infect your network. If you can't block network access then shut it down.


EDIT: never mind, I didn't realize this thread was three pages deep.

Last edited by sag47; 05-05-2016 at 08:37 PM.
 
Old 05-05-2016, 08:40 PM   #34
skyred5
LQ Newbie
 
Registered: Mar 2016
Posts: 14

Original Poster
Rep: Reputation: Disabled
I have also checked with the vendors who provided my company this DB server. They said there are only a few ways to harden this server: create an administration portal to act as a proxy, and change the root password. They further mentioned that they only use the root account on the server.

Either way, I have since left that company, but it was a good learning experience. I will definitely read up more on Linux!
 
Old 05-06-2016, 06:55 AM   #35
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
Quote:
Originally Posted by skyred5
It's Ubuntu. I'm sure of that.
It's a CentOS 5.x kernel point release.
Quote:
Originally Posted by skyred5
2.6.18-406.el5
Code:
cat /etc/redhat-release
I didn't read all of it, so sue me.

Last edited by Habitual; 05-06-2016 at 06:57 AM.
 
Old 05-06-2016, 06:58 AM   #36
skyred5
LQ Newbie
 
Registered: Mar 2016
Posts: 14

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Habitual
It's a CentOS 5.x kernel point release.


Code:
cat /etc/redhat-release
I didn't read all of it, so sue me.
Nope. According to the manual from the vendor, it's actually Red Hat 5.
 
Old 05-06-2016, 07:00 AM   #37
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
Well, now you know.
I shoulda/coulda/woulda said Red Hat since they are the authoritative source.
 
  

