A Beginner's Guide to Securing Your Server

[gorilla]

goo is glue is sticky ?
thanks chirpy , it will benefit all of us !

[wkdwich]

I am extremely greatful for the information provided here.. having come off a cobalt raq4 for 6 years, this cpanel is very different!!

I installed checkroot, APF and BFD and am getting reports now..

The checkroot one just came in and I have some questions about what I see here.. almost every line shows not infected, no suspect files or not found except these, are they things I need to be concerened about or investigate further?

Checking `bindshell'... INFECTED (PORTS: 465)
Checking `sniffer'... not tested: can't exec ./ifpromisc
Checking `wted'... not tested: can't exec ./chkwtmp
Checking `z2'... not tested: can't exec ./chklastlog
Checking `chkutmp'... not tested: can't exec ./chkutmp
Checking `ldsopreload'... can't exec ./strings-static, not tested

[DataDork]

resolved. thanks..

[G4 Hosting]

Not sure what I am doing wrong but I can't get APF to start. I've gone through all the tutorial(s) including several listed in this forum but all APF does for me is stop me from accessing the server.


Thanks,
Rolly

[Kaveyhosting]

Isn't that what its supposed to do?

/usr/local/sbin/apf -s

that starts it... if its blocking you make sure you set the config file right in /etc/apf/ conf.apf

[G4 Hosting]

That's what I thought so too but my customer aren't liking it (especially when I set devm="0". The whole server is locked out).

conf.apf

Thanks for taking a look.

Rolly

[mvhost]

Hi,

I DON'T SPEAK ENGLISH!!!

I was to apply the rule of Restrict SSH Access and now I do not obtain more to have access shel(SSH) for some incorrect configuration that I made.

What I can make now?





Thanks,

Fernando Freitas

[benito]

Hi,

I DON'T SPEAK ENGLISH!!!

I was to apply the rule of Restrict SSH Access and now I do not obtain more to have access shel(SSH) for some incorrect configuration that I made.

What I can make now?





Thanks,

Fernando Freitas

Mandame un privado y te doy una mano.

[paralard]

Thanks for the great info. Very useful!

[MMarko]

Hi,

I DON'T SPEAK ENGLISH!!!

I was to apply the rule of Restrict SSH Access and now I do not obtain more to have access shel(SSH) for some incorrect configuration that I made.

What I can make now

If you have firewall you should enter port number into allow conf, now you can contact datacenter support to reconfigure and restart sshd.

I've done same thing.

[Charterhosting]

First, I would like to say really nice work on the info.. Helped alot and if I would have had it a week ago, I would not have been rooted a couple days back..


Next can someone tell me how to setup the cron to run chkrootkit please? I have it installed but not sure on the cron.

Thanks

[quadrahost]

Next can someone tell me how to setup the cron to run chkrootkit please? I have it installed but not sure on the cron.

Thanks

#crontab -e

Add the following to the bottom of the file, then save and exit. It runs daily at 6am

30 6 * * * /root/chkrootkit-0.45/chkrootkit

[quadrahost]

is there a way to secure whm login attacks? I think most hackers are aware to add /whm to the end of a domain on the server and then login with root and crack the password.


Seems like a weak point to the box

[Daniel Artes]

Great Beginner's Guide !
Saved a lot of time!

[arkain]

Can we start the bruteforce and firewall at startup when the server rebooted?

Thanks for the help.