***How To Secure My Server ?***

B

bendani

Verified User
Joined
Oct 16, 2005
Messages
32
Guys please help me
my server got hacked at least 2 times and i dont know what to do anymore :)

i have now : KISS FIREWALL , A lot of disable functions on PHP.INI , register_globals off , safe_mode : on , Mod evaisve , mod security , /tmp Is Safe , No direct ROOT access , Apache is updated to the last 1.3 version (1.3.37) , Directadmin got the most updated version , Kernel Got the last version

This is what i got
what i can do more to protect my server from hacks ?

I have centos 4.3 , Pentium 4 , 2 GB DDR...


thank you
 
Re: Re: ***How To Secure My Server ?***

Pascal said:
Check how you are hacked? After that, you can search for a solution.
Click to expand...
I Cant
they delete SSH for example
and delete all the databases and sites
and delete directadmin

but one thing is for sure - its not that they know my password
and none manage to enter ROOT (beacuse i have a monitor that tells me if someone is on root)
 
Mik3yZ said:
what i did for extra security is put my sshd on an different port... eg 1234

- Mike
Click to expand...
Yeah
i did it to
and changed it to protocol 2
 
Upgrade to the latest version of openssl. It has a exploit which allows people to get root access easily.

Run a rootkit like chkrootkit.
 
eymbo said:
Upgrade to the latest version of openssl. It has a exploit which allows people to get root access easily.

Run a rootkit like chkrootkit.
Click to expand...
i got the last version
and i already run rootkit
 
a hardware firewall for one

2nd no ssh access unless you are within the internal network ( ie you need to vpn etc)

prob is if you are hosting and offering ssh to people off the web then you can't do the above .


other than that mostly is monitoring via your facility , and so on.

Oh one more thing I would check.. it would be your own computer.

Maybe you are not getting hacked but you might have a nice big back door in your own computer.
 
FastAttack said:
a hardware firewall for one

2nd no ssh access unless you are within the internal network ( ie you need to vpn etc)

prob is if you are hosting and offering ssh to people off the web then you can't do the above .


other than that mostly is monitoring via your facility , and so on.

Oh one more thing I would check.. it would be your own computer.

Maybe you are not getting hacked but you might have a nice big back door in your own computer.
Click to expand...
I had hardware firewall...
no one has root access ...or ssh access
my computer is fine (ZoneAlarm Security Suite , SpyBot And more...)
ben.
 
You must log in or register to reply here.
Back
Top