Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

What is a good intrusion detection system I can use for my cpanel server?

Discussion in 'General Discussion' started by BianchiDude, Dec 14, 2007.

  1. BianchiDude

    BianchiDude Well-Known Member
    PartnerNOC

    Joined:
    Jul 2, 2005
    Messages:
    619
    Likes Received:
    0
    Trophy Points:
    166
    What is a good intrusion detection system I can use for my cpanel server?
     
  2. darren.nolan

    darren.nolan Well-Known Member

    Joined:
    Oct 4, 2007
    Messages:
    259
    Likes Received:
    0
    Trophy Points:
    66
    http://www.configserver.com

    The firewall has LID (login/intrusion detection) - if anyone logs in I get an email about it. It's not often my resellers log in, so I can keep an eye on things if they do - ESPECIALLY if they try themselves a su or sudo command, in which I also get notified of.

    If root logs in you also get an email about that. It's all rather quick too, I often try logging in and intercepting the email that goes out and informs myself. It's good fun trying to beat your own security. (If you create yourself a macro when you manage to login as root, you can shtudown exim, delete the email, restart it) - Having said that, you'd need the password before this can actually happen - and with brute force protection (and temp IP ban with the firewall), I suppose that'd be a little far fetched.

    Then again - I may just have too much time on my hands.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice