Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

HOWTO Needed: Watch server from hacker intrusion and software malfunction

Discussion in 'General Discussion' started by isputra, Jul 25, 2004.

  1. isputra

    isputra Well-Known Member

    Joined:
    May 3, 2003
    Messages:
    575
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Mbelitar
    Hi,

    I have some server using cPanel and RH 9. Some server using co-location service and some other dedicated server.

    When i buy server, i always use "Server Security Checklist - Secure your box now!!" posted by GetWired on this forum (http://forums.cpanel.net/showthread.php?t=14443&highlight=Server+Security+Checklist)

    For daily server check, i do the basic like logon using SSH and tail exim_mainlog, message, secure also pico the .bash_history.

    Also i always read on server status email from server like Chkrootkit Result, newmailcgi, LogWatch, Alert: Root Access, Service Monitor, ans SIM Status Warning.

    Some guys here maybe have suggestion, why not hire sysadmin to manage server ?
    Yes, about 3 months ago i hired someone and he did not do the job well enough. When i decided not hire him anymore, i can't logon to my server anymore and when i ask him about the password he told me that password still the same.

    Shortly, i have bad experinece if i must hire someone else.

    So please someone here give me the HOWTO to manage server more save from hacker and software malfunction, like what i must do daily to watch the server etc...

    Maybe howto about what the sysadmin do daily to watch the server will be appreciated. A lot of cpanel users here will be appreciated too .. i tihink
    :D
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. Doctor

    Doctor Well-Known Member

    Joined:
    Apr 26, 2003
    Messages:
    180
    Likes Received:
    0
    Trophy Points:
    166
    Here's my advice:

    1. Change your server password before sacking the admin (this is common sense).
    2. Stay away from one-man-show admins (no pun intended).
    3. Read more books on Server Admin.
     
  3. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,574
    Likes Received:
    3
    Trophy Points:
    343
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    What's that supposed to mean?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. isputra

    isputra Well-Known Member

    Joined:
    May 3, 2003
    Messages:
    575
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Mbelitar
    Advice # 1 already done after reinstall all over again by DC tech support.
    Advice # 2, like DG i don't know waht you mean
    Advice # 3, yes i read a lot of book about linux. My fav book is "Linux - The Advanced Reference by Walnut Creek"

    Maybe some admin here can give me some tips step by step on how to watch the server daily using cPanel :)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. lostinspace

    lostinspace Well-Known Member

    Joined:
    Jul 19, 2003
    Messages:
    122
    Likes Received:
    1
    Trophy Points:
    168
    Location:
    Colorado Springs, CO
    Guess he prefers to have 10 chiefs as opposed to 1?
    I have no issues with [((1 sysadmin)+(forums.cpanel.net)/common sense)*finger crossing] equation.
    *pats me-self on the back.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,574
    Likes Received:
    3
    Trophy Points:
    343
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    I figured that as well. I agree trust one to the password instead of 10 who-knows-who's.

    I great way to have security issues is to not know who has the password.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. Doctor

    Doctor Well-Known Member

    Joined:
    Apr 26, 2003
    Messages:
    180
    Likes Received:
    0
    Trophy Points:
    166
    One-man-show admin = freelancer earning a few quick bucks. No-go. Look for companies offering such services. At least you know where to throw eggs when they suck! :D
     
  8. verdon

    verdon Well-Known Member

    Joined:
    Nov 1, 2003
    Messages:
    870
    Likes Received:
    3
    Trophy Points:
    168
    Location:
    Northern Ontario, Canada
    cPanel Access Level:
    Root Administrator
    I know what you're trying to say, but companies can be all smoke and mirrors too. Due diligence is part of any hiring/tendering process whether you're dealing with a 'company' or an individual free-lancer. Be sute to do your homework and check references first ;)
     
  9. dgbaker

    dgbaker Well-Known Member
    PartnerNOC

    Joined:
    Sep 20, 2002
    Messages:
    2,574
    Likes Received:
    3
    Trophy Points:
    343
    Location:
    Toronto, Ontario Canada
    cPanel Access Level:
    DataCenter Provider
    Very true, how many "big" companies are only a couple of guys out to make a quick buck? Hey come to think of it isn't that what business is all about? Making money?

    I though will always look to the individual hire as opposed to using a company especially for server admin. I much prefer to train one, then trust some else to train people I do not know. Nothing beats a good resume and references.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. verdon

    verdon Well-Known Member

    Joined:
    Nov 1, 2003
    Messages:
    870
    Likes Received:
    3
    Trophy Points:
    168
    Location:
    Northern Ontario, Canada
    cPanel Access Level:
    Root Administrator
    I've also found that the best sys admins I know often don't fit well in the company mold. They (good sys admins) are often too blunt and honest for what companies like to hear. I have more than one sys admin friend who have been fired by bigger companies for essentially being honest and un-politic in thier delivery of truth.
     
  11. lostinspace

    lostinspace Well-Known Member

    Joined:
    Jul 19, 2003
    Messages:
    122
    Likes Received:
    1
    Trophy Points:
    168
    Location:
    Colorado Springs, CO
    Pay no attention to the man behind the curtain!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. jeffheld

    jeffheld Active Member

    Joined:
    Jan 7, 2004
    Messages:
    26
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    financial capital
    change your password to:
    login123
    that will keep hackers away for the afternoon.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. lostinspace

    lostinspace Well-Known Member

    Joined:
    Jul 19, 2003
    Messages:
    122
    Likes Received:
    1
    Trophy Points:
    168
    Location:
    Colorado Springs, CO
    SWEET! Setting mine now.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  14. Doctor

    Doctor Well-Known Member

    Joined:
    Apr 26, 2003
    Messages:
    180
    Likes Received:
    0
    Trophy Points:
    166
    How about not booting the server at all? Now I'd say that is the PERMANENT solution... at least for idiots! ;)
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice