HOWTO Needed: Watch server from hacker intrusion and software malfunction

[isputra]

Hi,

I have some server using cPanel and RH 9. Some server using co-location service and some other dedicated server.

When i buy server, i always use "Server Security Checklist - Secure your box now!!" posted by GetWired on this forum (http://forums.cpanel.net/showthread....rity+Checklist)

For daily server check, i do the basic like logon using SSH and tail exim_mainlog, message, secure also pico the .bash_history.

Also i always read on server status email from server like Chkrootkit Result, newmailcgi, LogWatch, Alert: Root Access, Service Monitor, ans SIM Status Warning.

Some guys here maybe have suggestion, why not hire sysadmin to manage server ?
Yes, about 3 months ago i hired someone and he did not do the job well enough. When i decided not hire him anymore, i can't logon to my server anymore and when i ask him about the password he told me that password still the same.

Shortly, i have bad experinece if i must hire someone else.

So please someone here give me the HOWTO to manage server more save from hacker and software malfunction, like what i must do daily to watch the server etc...

Maybe howto about what the sysadmin do daily to watch the server will be appreciated. A lot of cpanel users here will be appreciated too .. i tihink

[Doctor]

Hi,

I have some server using cPanel and RH 9. Some server using co-location service and some other dedicated server.

When i buy server, i always use "Server Security Checklist - Secure your box now!!" posted by GetWired on this forum (http://forums.cpanel.net/showthread....rity+Checklist)

For daily server check, i do the basic like logon using SSH and tail exim_mainlog, message, secure also pico the .bash_history.

Also i always read on server status email from server like Chkrootkit Result, newmailcgi, LogWatch, Alert: Root Access, Service Monitor, ans SIM Status Warning.

Some guys here maybe have suggestion, why not hire sysadmin to manage server ?
Yes, about 3 months ago i hired someone and he did not do the job well enough. When i decided not hire him anymore, i can't logon to my server anymore and when i ask him about the password he told me that password still the same.

Shortly, i have bad experinece if i must hire someone else.

So please someone here give me the HOWTO to manage server more save from hacker and software malfunction, like what i must do daily to watch the server etc...

Maybe howto about what the sysadmin do daily to watch the server will be appreciated. A lot of cpanel users here will be appreciated too .. i tihink

Here's my advice:

1. Change your server password before sacking the admin (this is common sense).
2. Stay away from one-man-show admins (no pun intended).
3. Read more books on Server Admin.

[dgbaker]

Here's my advice:

2. Stay away from one-man-show admins (no pun intended).

What's that supposed to mean?

[isputra]

Here's my advice:

1. Change your server password before sacking the admin (this is common sense).
2. Stay away from one-man-show admins (no pun intended).
3. Read more books on Server Admin.

Advice # 1 already done after reinstall all over again by DC tech support.
Advice # 2, like DG i don't know waht you mean
Advice # 3, yes i read a lot of book about linux. My fav book is "Linux - The Advanced Reference by Walnut Creek"

Maybe some admin here can give me some tips step by step on how to watch the server daily using cPanel

[lostinspace]

What's that supposed to mean?

Guess he prefers to have 10 chiefs as opposed to 1?
I have no issues with [((1 sysadmin)+(forums.cpanel.net)/common sense)*finger crossing] equation.
*pats me-self on the back.

[dgbaker]

I figured that as well. I agree trust one to the password instead of 10 who-knows-who's.

I great way to have security issues is to not know who has the password.

[Doctor]

One-man-show admin = freelancer earning a few quick bucks. No-go. Look for companies offering such services. At least you know where to throw eggs when they suck!

[verdon]

One-man-show admin = freelancer earning a few quick bucks. No-go. Look for companies offering such services. At least you know where to throw eggs when they suck!

I know what you're trying to say, but companies can be all smoke and mirrors too. Due diligence is part of any hiring/tendering process whether you're dealing with a 'company' or an individual free-lancer. Be sute to do your homework and check references first

[dgbaker]

Very true, how many "big" companies are only a couple of guys out to make a quick buck? Hey come to think of it isn't that what business is all about? Making money?

I though will always look to the individual hire as opposed to using a company especially for server admin. I much prefer to train one, then trust some else to train people I do not know. Nothing beats a good resume and references.

[verdon]

I though will always look to the individual hire as opposed to using a company especially for server admin.

I've also found that the best sys admins I know often don't fit well in the company mold. They (good sys admins) are often too blunt and honest for what companies like to hear. I have more than one sys admin friend who have been fired by bigger companies for essentially being honest and un-politic in thier delivery of truth.

[lostinspace]

I know what you're trying to say, but companies can be all smoke and mirrors too. Due diligence is part of any hiring/tendering process whether you're dealing with a 'company' or an individual free-lancer. Be sute to do your homework and check references first

Pay no attention to the man behind the curtain!

[jeffheld]

change your password to:
login123
that will keep hackers away for the afternoon.

[lostinspace]

change your password to:
login123
that will keep hackers away for the afternoon.

SWEET! Setting mine now.

[Doctor]

change your password to:
login123
that will keep hackers away for the afternoon.

How about not booting the server at all? Now I'd say that is the PERMANENT solution... at least for idiots!