The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

My first server setup

Discussion in 'General Discussion' started by station, Aug 6, 2004.

  1. station

    station Member

    Joined:
    Jul 21, 2004
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    1
    Well, it's been a couple of weeks with my first server.
    I like the terminal,
    however I have become abit lost amoungst all the variables and installs.

    These are the steps which I have taken/or installed :
    SIM (System Integrity Monitor)
    APF (Advanced Policy Firewall)
    PRM (Process Resource Monitor)
    BFD (Brute Force Detection)
    Have the server e-mail everytime someone logs in as root:
    Disable Telnet:
    Use sftp (secure ftp via ssh2) instead of ftp
    chkrootkit ( Daily chkrootkit from domain)
    rkhunter (Daily Rkhunter Scan Report from domain)
    Disable direct root login
    Secure your /tmp directory
    install Zend Optimizer.
    cPanel Pro update
    Exiscan+Clam+Exim Autoinstaller from http://www.cpanelappz.com
    MRTG
    Mailscanner
    gnome-libs

    And probably a number of other things

    My problems:
    1)- Load status, LOAD 15.21
    is that not abit high since there really is no traffic at the moment?
    2)- NETWORK is online.
    Do I need to have network service running? If I close it would that reduce hackers options?
    3)- Service Summary:
    HTTP [online - 2 events]
    DNS [restarted - 2 events]
    SSH [restarted - 2 events]
    MYSQL [restarted - 2 events]
    XINET [restarted - 2 events]
    Is that normal for these services to reboot a couple of times a day?

    4)- xinetd

    Code:
    Aug *5 21:38:50 host pure-ftpd[20056]: (?@127.0.0.1) [INFO] New connection from 127.0.0.1
    Aug *5 21:38:50 host pure-ftpd[20056]: (?@127.0.0.1) [INFO] Logout - CPU time spent: 0.000 seconds.
    
    This I assume is a local access, I actually want all ftp turned off exept for sftp, which I set up. So how can I be sure that the ftp service stays turned off?
    
    

    4)- System Log:
    Aug *5 21:46:32 host xinetd: xinetd startup succeeded
    Aug *5 21:46:32 host xinetd[22000]: Server in.ntalkd is not executable [file=/etc/xinetd.d/ntalk] [line=8]
    Aug *5 21:46:32 host xinetd[22000]: Error parsing attribute server - DISABLING SERVICE [file=/etc/xinetd.d/ntalk] [line=8]
    Aug *5 21:46:32 host xinetd[22000]: Server in.qpopper is not executable [file=/etc/xinetd.d/pop-3] [line=8]
    Aug *5 21:46:32 host xinetd[22000]: Error parsing attribute server - DISABLING SERVICE [file=/etc/xinetd.d/pop-3] [line=8]
    Aug *5 21:46:32 host xinetd[22000]: Server in.talkd is not executable [file=/etc/xinetd.d/talk] [line=8]
    Aug *5 21:46:32 host xinetd[22000]: Error parsing attribute server - DISABLING SERVICE [file=/etc/xinetd.d/talk] [line=8]
    Aug *5 21:46:32 host xinetd[22000]: Server in.telnetd is not executable [file=/etc/xinetd.d/telnet] [line=8]
    Aug *5 21:46:32 host xinetd[22000]: Error parsing attribute server - DISABLING SERVICE [file=/etc/xinetd.d/telnet] [line=8]
    Aug *5 21:46:32 host xinetd[22000]: Must specify a server in ntalk
    Aug *5 21:46:32 host xinetd[22000]: Must specify a server in pop-3
    Aug *5 21:46:32 host xinetd[22000]: Must specify a server in talk
    Aug *5 21:46:32 host xinetd[22000]: bind failed (Address already in use (errno = 98)). service = imap
    Aug *5 21:46:32 host xinetd[22000]: xinetd Version 2.3.12 started with libwrap loadavg options compiled in.
    Aug *5 21:46:32 host xinetd[22000]: Started working: 0 available services

    I'm not to sure what xinetd does, is it esential and what can I do to repair these errors if needed?


    I have lots more questions, but I'd better save them for another post.:cool:
    TIA
     
  2. station

    station Member

    Joined:
    Jul 21, 2004
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    1
    mail to root

    I just had a pm from clarocque,
    here's my reply;
    (ihope this doesn't offend clarocque :) )

    *Have the server e-mail everytime someone logs in as root:
    - Edit the .bash_profile in the users directory ( in this case /root)
    commands:
    su - root
    cd (just cd, nothing else puts you in top dir)
    pico -w .bash_profile

    And put this at the very end:
    echo 'ALERT - Root Shell Access on:' `date` `who` | mail -s "Alert: Root Access from `who | awk '{print $6}'`" you@email.com
    (all one line and I hope this forum soft doesn't change the chars)
    sorry forgot to take notes on that , do a search of the various forums for " Use sftp (secure ftp via ssh2) instead of ftp "

    *the above command was found on a forum post
     
  3. mike_r

    mike_r Well-Known Member

    Joined:
    Nov 26, 2002
    Messages:
    45
    Likes Received:
    0
    Trophy Points:
    6
    Have you found out what service is causing the problem?

    I am good with mysql optimization, but i still havn't been able to determine the best values for apache..

    Let me know what kind of sites you are hosting? a little bit from the top command and the load..
     
Loading...

Share This Page