The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

What is a good intrusion detection system I can use for my cpanel server?

Discussion in 'General Discussion' started by BianchiDude, Dec 14, 2007.

  1. BianchiDude

    BianchiDude Well-Known Member
    PartnerNOC

    Joined:
    Jul 2, 2005
    Messages:
    619
    Likes Received:
    0
    Trophy Points:
    16
    What is a good intrusion detection system I can use for my cpanel server?
     
  2. darren.nolan

    darren.nolan Well-Known Member

    Joined:
    Oct 4, 2007
    Messages:
    259
    Likes Received:
    0
    Trophy Points:
    16
    http://www.configserver.com

    The firewall has LID (login/intrusion detection) - if anyone logs in I get an email about it. It's not often my resellers log in, so I can keep an eye on things if they do - ESPECIALLY if they try themselves a su or sudo command, in which I also get notified of.

    If root logs in you also get an email about that. It's all rather quick too, I often try logging in and intercepting the email that goes out and informs myself. It's good fun trying to beat your own security. (If you create yourself a macro when you manage to login as root, you can shtudown exim, delete the email, restart it) - Having said that, you'd need the password before this can actually happen - and with brute force protection (and temp IP ban with the firewall), I suppose that'd be a little far fetched.

    Then again - I may just have too much time on my hands.
     
Loading...
Similar Threads - intrusion detection system
  1. Anthony Brian Mallgren
    Replies:
    8
    Views:
    101

Share This Page