Jump to content

Welcome to Pure Warfare - The #1 Community for Pures

Welcome to Pure Warfare - The #1 Community for Pures, like most online communities you must register to view or post in our community, but don't worry this is a simple free process that requires minimal information for you to signup. Be apart of Pure Warfare - The #1 Community for Pures by signing in or creating an account.
  • Start new topics and reply to others
  • Subscribe to topics and forums to get email updates
  • Get your own profile page and make new friends
  • Send personal messages to other members.

Guest Message by DevFuse

Secure your server [Linux]

Karl
 Share

Recommended Posts

Karl Newbie

+Karl

Posted
Posted

There are serveral steps you can take to ensure your server is secure. The most obvious way is to install a firewall.

 

I'll show you how to install ConfigServer Firewall (CSF).

 

So in the terminal type:

wget http://www.configserver.com/free/csf.tgztar -zxvf csf.tgzcd csfls./install.sh

 

That will download, untar and install CSF.

 

Now you have to configure it to ensure it does it's job. By default it's set to enable in TEST MODE. You will have to disable it.

 

Make your way to either /csf/csf.conf or etc/csf/csf.conf and scroll down to:

TCP_IN

TCP_OUT

 

Edit the ports to allow the ones you need.

 

Then in the SSH console type

service csf start

 

This will start CSF, if everything is fine (you don't get any fatal errors) go back to the csf.conf file and change:

TESTING = "1"

to

TESTING = "0"

 

Then in the SSH console again, type:

service csf restart

 

You now have a firewall installed :)

 

 

Another thing to do is install Root Kit Checker, this is will check if anyone has compromised your root.

cd /root/wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gztar xvzf chkrootkit.tar.gzcd chkrootkit-0.44make sense

 

Now that it's installed you can run it by typing this:

/root/chkrootkit-0.44/chkrootkit

 

Now check if everything is fine.

 

 

Finally, install BFD (Brute Force Detection)

cd /root/wget http://www.rfxnetworks.com/downloads/bfd-current.tar.gztar -xvzf bfd-current.tar.gzcd bfd-1.2./install.sh

 

You may have to change bfd-1.2 to the most recent version.

 

To edit the configuration go to:

/usr/local/bfd/conf.bfd

 

Find

ALERT_USR="0"

Change to

ALERT_USR="1"

 

Find

EMAIL_USR="root"

Change to

EMAIL_USR="[email protected]"

 

Now start BFD by typing:

/usr/local/sbin/bfd -s

 

 

These are good steps to ensuring the server is secure, although there are a lot more things to do to stop DDOS attacks, etc. These are just basic steps.

 

Hope they help :)


favadmin.png
IRC Nick - ``Karl
"You lost me at biased."
Need help? PM me
purewarfare.png
Link to comment
Share on other sites
  • 1 month later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...