High Security Issue for linux server (New Methods)

Portal Home > Knowledgebase > Articles Database > High Security Issue for linux server (New Methods)

Posted by hosein, 08-22-2007, 12:40 AM
Hi, What are new methods to High secure a linux server ? (For webhosting company) Please write something you know for Linux Security Methods (New version of OS). Thank You Last edited by hosein; 08-22-2007 at 12:43 AM. Reason: Edit
Posted by kencox, 08-22-2007, 12:45 AM
No New Methods. Run your nessusd scans regulary fix what is broken. Dont allow root logins follow the basics keep your box updated always run a firewall, never get lazy.
Posted by maestriatech, 08-22-2007, 02:32 AM
1.Configure Anti-Virus and Anti-Spam solution for email. 2 .Installing Mod_security and Mod_dosevasive for apache. 3 .Installation of PRM (Process Resource Monitor) 4 .Installation of Rkhunter (daily reports will be sent) 5 .Enable IP Spoofing Protection (Kernel level) 6 .Snort w/Acid configuration 7 .MRTG installation and configuration 8 .Apf with antidos capability Optional 9 .Disable IP Source Routing (Kernel Level)
Posted by whmcsguru, 08-22-2007, 03:00 AM
Not "security related" at all Again, not "security related" at all If you're going to install multiple applications and configure multiple files, you're better off using one application that can do much more than the competition, csf
Posted by maestriatech, 08-22-2007, 03:36 AM
Yeah, but its a security measure to be on the safer side
Posted by hosein, 08-22-2007, 07:23 AM
Thanks For Write some of Linux Security Issue. Please Write A learn about All - or Add learn Link to this Forum I am looking forward to hearing from you. Thank You
Posted by hosein, 08-22-2007, 08:02 AM
I would highly appreciated if You Write Full Learn article(Step By Step). (For New Version Cpanel Server) Now Start with : 1.How to Hardening PHP 4/5 ? PHP Hardening (All Security Issue for hardening PHP in linux server) 2.How To Installing Mod_security and Mod_dosevasive for apache ? (Full Article Please) 3.How To Optimize , Upgrade And Hardening kernel in Linux server ? (For High Secure Server) 4.How To hardening All Part Of server if we need ? (like FTP server , Apache , Kernel , Device , System and Network Stack,...) 5.How To Install , Optimize And Hardening Software for DDOS Attack Protection ? 6.How to do ( SHH server and Access securing And Configuration ) ? Please Write Full Article with source link. :confused: Thank You
Posted by Cristi4n, 08-22-2007, 08:41 AM
I think you are asking for too much...
Posted by juangake, 08-22-2007, 08:57 AM
Well, MRTG isn't a security-related app., but monitoring bw. is a good thing (I thought that anything monitoring-related when it comes to security it's a good practice Most articles you're asking for are available just googling a bit. You're not really asking here someone write for *you* those articles right?
Posted by rasputinj, 08-24-2007, 01:40 AM
Bastille Linux, I like Jay Beale's work. Don't use FTP, use SCP Use SSH with Keys Run Nessus Close uneeded services with chkconfig has anyone tried Mod_parmguard to help with security on forms? Brute force detector
Posted by hosein, 08-24-2007, 06:22 AM
Please More Explain about following Question (Or Introduce some resource) : 1. How to Run Nessus ? 2. How to Close uneeded services with chkconfig ? 3. How to Use SSH with Keys ? Thanks
Posted by derek.bodner, 08-24-2007, 06:42 AM
Step 1: - Hire a Linux Administration. I'm sorry, but sometimes honesty is the best advice. If setting up SSH keys is beyond your technical level, then you have no business trying to administer a live server. If you're just trying to learn, then google is your friend.
Posted by david510, 08-24-2007, 07:04 AM
hosein, I suggest that you should hire a sys admin and do the initial setup of the server with necessary security installations. After that you can go through the links, get an idea about various things and administrate yourself.
Posted by whmcsguru, 08-24-2007, 07:28 AM
Nessus Homepage How to minimalize services with chkconfig. SSH Keys, generation and the like I'll third the recommendation for a server admin. These are all first year tasks (if that), and if you don't know how to do them, you shouldn't be running a linux server. BTW: While WHT is a good place for some stuff, it's not really a replacement for the almighty google. The last two took 5 seconds to come up with using google. Might try starting there.
Posted by rasputinj, 08-24-2007, 08:06 PM
You can get most of the answers in the tutorial section here. If you are familiar or confident with linux commands or knowing your way around a Linux OS, hire out your hardening to a linux admin. Remember linux security is not a 1 time thing, running something like Nessus should be run on a regular basis and software should be patched for security issues. This is where hiring the linux admin can come in handy.

Add to Favourites Print this Article