+Karl Posted June 1, 2009 Share Posted June 1, 2009 There are serveral steps you can take to ensure your server is secure. The most obvious way is to install a firewall. I'll show you how to install ConfigServer Firewall (CSF). So in the terminal type: wget http://www.configserver.com/free/csf.tgztar -zxvf csf.tgzcd csfls./install.sh That will download, untar and install CSF. Now you have to configure it to ensure it does it's job. By default it's set to enable in TEST MODE. You will have to disable it. Make your way to either /csf/csf.conf or etc/csf/csf.conf and scroll down to: TCP_IN TCP_OUT Edit the ports to allow the ones you need. Then in the SSH console type service csf start This will start CSF, if everything is fine (you don't get any fatal errors) go back to the csf.conf file and change: TESTING = "1" to TESTING = "0" Then in the SSH console again, type: service csf restart You now have a firewall installed :) Another thing to do is install Root Kit Checker, this is will check if anyone has compromised your root. cd /root/wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gztar xvzf chkrootkit.tar.gzcd chkrootkit-0.44make sense Now that it's installed you can run it by typing this: /root/chkrootkit-0.44/chkrootkit Now check if everything is fine. Finally, install BFD (Brute Force Detection) cd /root/wget http://www.rfxnetworks.com/downloads/bfd-current.tar.gztar -xvzf bfd-current.tar.gzcd bfd-1.2./install.sh You may have to change bfd-1.2 to the most recent version. To edit the configuration go to: /usr/local/bfd/conf.bfd Find ALERT_USR="0" Change to ALERT_USR="1" Find EMAIL_USR="root" Change to EMAIL_USR="[email protected]" Now start BFD by typing: /usr/local/sbin/bfd -s These are good steps to ensuring the server is secure, although there are a lot more things to do to stop DDOS attacks, etc. These are just basic steps. Hope they help :) Quote IRC Nick - ``Karl "You lost me at biased."Need help? PM me Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.