The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Hacker stuff - hardening suggestions from host

Discussion in 'General Discussion' started by jeroman8, May 13, 2005.

  1. jeroman8

    jeroman8 Well-Known Member

    Joined:
    Mar 14, 2003
    Messages:
    410
    Likes Received:
    0
    Trophy Points:
    16
    Hi!

    I hade a lot off stuff in apache/proxy, dev/shm and /tmp and also a udp.pl script running.
    My host said the below suggestions and I wonder if that is ok ?


    Additionally, we recommend unmounting /dev/shm completely and removing its entry in /etc/fstab. We also recommend removing /usr/local/apache/proxy -- or at least changing its ownership to root:root (if the user "nobody" owns the directory, it can simply change the permissions to enable write access). We also recommend removing world-write permissions from all of /var/spool: chmod -R o-w /var/spool
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    There's no need to remove /dev/shm at all, just set the noexec and nosuid flags on it. I've not tried the suggestion on /var/spool, I can see that breaking exim.

    You're better off reading the sticky security thread for ideas on locking down the server.
     
  3. jeroman8

    jeroman8 Well-Known Member

    Joined:
    Mar 14, 2003
    Messages:
    410
    Likes Received:
    0
    Trophy Points:
    16
    I'm reading and reading...
    I also had r-fx hardening the server a year ago or so...
    I have most of the securiy suggestions done already.

    I did the chmod -R o-w /var/spool but somhow not all directories and files
    was changed or they was set back to original setting by a script again.

    I found a thread about a script that search for files named "something" you set
    and if it finds it it will send you an e-mail.
    However the script was removed from the thread and I couldn't download it -
    do you know where I can find a script like that or some other good script
    doing like this ?

    I guess chrootkit maybe do this.
     
  4. aryan

    aryan Member
    PartnerNOC

    Joined:
    Dec 8, 2005
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Hardening

    Sir,

    Please tell me what enteries are required in these files (HTTPD.CONF,HOST.CONF,FTP)
    for hardening .

    Please help its urgent.
     
Loading...
Similar Threads - Hacker stuff hardening
  1. GoreDefex
    Replies:
    6
    Views:
    476

Share This Page