Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Hacker stuff - hardening suggestions from host

Discussion in 'General Discussion' started by jeroman8, May 13, 2005.

  1. jeroman8

    jeroman8 Well-Known Member

    Joined:
    Mar 14, 2003
    Messages:
    410
    Likes Received:
    0
    Trophy Points:
    166
    Hi!

    I hade a lot off stuff in apache/proxy, dev/shm and /tmp and also a udp.pl script running.
    My host said the below suggestions and I wonder if that is ok ?


    Additionally, we recommend unmounting /dev/shm completely and removing its entry in /etc/fstab. We also recommend removing /usr/local/apache/proxy -- or at least changing its ownership to root:root (if the user "nobody" owns the directory, it can simply change the permissions to enable write access). We also recommend removing world-write permissions from all of /var/spool: chmod -R o-w /var/spool
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    21
    Trophy Points:
    463
    Location:
    Go on, have a guess
    There's no need to remove /dev/shm at all, just set the noexec and nosuid flags on it. I've not tried the suggestion on /var/spool, I can see that breaking exim.

    You're better off reading the sticky security thread for ideas on locking down the server.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. jeroman8

    jeroman8 Well-Known Member

    Joined:
    Mar 14, 2003
    Messages:
    410
    Likes Received:
    0
    Trophy Points:
    166
    I'm reading and reading...
    I also had r-fx hardening the server a year ago or so...
    I have most of the securiy suggestions done already.

    I did the chmod -R o-w /var/spool but somhow not all directories and files
    was changed or they was set back to original setting by a script again.

    I found a thread about a script that search for files named "something" you set
    and if it finds it it will send you an e-mail.
    However the script was removed from the thread and I couldn't download it -
    do you know where I can find a script like that or some other good script
    doing like this ?

    I guess chrootkit maybe do this.
     
  4. aryan

    aryan Member
    PartnerNOC

    Joined:
    Dec 8, 2005
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    151
    Hardening

    Sir,

    Please tell me what enteries are required in these files (HTTPD.CONF,HOST.CONF,FTP)
    for hardening .

    Please help its urgent.
     
Loading...
Similar Threads - Hacker stuff hardening
  1. okoca
    Replies:
    1
    Views:
    209
  2. 4u123
    Replies:
    7
    Views:
    759

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice