LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 12-30-2006, 02:43 AM   #16
sysconfig
Member
 
Registered: Sep 2006
Location: (.)
Posts: 44

Rep: Reputation: 15

Hi,

What do you think configuring and installing http in chrooted environment?
 
Old 12-31-2006, 02:21 PM   #17
punjabipredator
Member
 
Registered: Dec 2006
Posts: 30

Original Poster
Rep: Reputation: 15
Hello

When we reinstalled the server and had the TCP WRAPPER added which only allows my ip range it has blocked out IRCD and others that used SSH to take over the server. When i ran rootkit the only problem and vulenerable was SSH. Yeah i will look for a better method to secure and harden SSH but at the moment a temporary fix is getting the job done. Thank You.
 
Old 01-04-2007, 07:04 PM   #18
stickman
Senior Member
 
Registered: Sep 2002
Location: Nashville, TN
Posts: 1,552

Rep: Reputation: 53
Quote:
Originally Posted by punjabipredator
When we reinstalled the server and had the TCP WRAPPER added which only allows my ip range it has blocked out IRCD and others that used SSH to take over the server. When i ran rootkit the only problem and vulenerable was SSH. Yeah i will look for a better method to secure and harden SSH but at the moment a temporary fix is getting the job done. Thank You.
Add another layer of protection using an iptables script.
Restrict network accessible admin tools (ie cpanel).
Look at the the output of 'rpm -qa' and remove all unneeded RPMs.
Lock down SSH access to select users that authenticate using a public key.
Audit your web content.
Get familiar with all of the logs. Send syslog to another server for backup.
Once your server is ready for use, get a baseline status with Tripwire/AIDE before users login. Make regular comparisons.
Monitor your logs.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
how can I secure my nis server ?can I use openSSL to secure it form sniffing ? abhi_raj Linux - Networking 1 07-10-2006 06:19 AM
LXer: University of Michigan Selects SSH Tectia for Secure System Administration and Secure File Transfers LXer Syndicated Linux News 0 04-25-2006 12:54 AM
secure httpd sanjibgupta Linux - Security 1 10-20-2005 09:36 PM
service httpd status, results in httpd dead but subsys locked squadja Red Hat 2 09-11-2004 10:31 PM
httpd chokes on ScriptAlias line in Apache httpd.conf lhoff Linux - Software 1 07-14-2003 10:32 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 07:37 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration