IT_Architect
Verified User
- Joined
- Feb 27, 2006
- Messages
- 1,114
These are a couple of options offered me for one of our servers from the hosting organization. I would like to know if you see any problems or pros and cons to any particular items that you see listed in them.
FreeBSD Security Plan 1 - $59.95 (onetime fee)
Thorough security audit
Installation and configuration of firewall
Installation of security updates as released by OS vendor
Installation of security updates as released by Control Panel vendor
Disabling of unused and insecure services (telnet, finger etc)
Removal of insecure packages and unnecessary software
Log auditing for unusual activity
SSH server hardening
Securing /tmp directory
Kernel tuning with sysctl
CHkrootkit (Rootkit/Exploit scanner reports sent daily)
AIDE (Advanced Intrusion Detection Environment)
Nessus (Security scanner)
HostSentry (trace suspicious user's activity, unknown user logins etc)
Local file permissions and suid bits checkup
FreeBSD Security Plan 2- $84.95 (onetime fee)
Thorough security audit
Installation and configuration of firewall
Installation of security updates as released by OS vendor
Installation of security updates as released by Control Panel vendor
Installation of custom software as desired by customer
Configuration changes as desired by customer
Disabling of unused and insecure services (telnet, finger etc)
Removal of insecure packages and unnecessary software
Regular scans for easy-to-guess users passwords
Log auditing for unusual activity
Investigating hacking attempts
Restoring files from backup
Anti-spam configuration
Anti-virus configuration
Anti-DoS/DDoS kernel code tweaking
Default system users removal
SSH server hardening
Mod_Security (Intrusion detection and prevention engine for web applications)
Securing /tmp directory
Kernel tuning with sysctl
CHkrootkit (reports sent daily)
Smartd (HDD Reliability monitor)
Snort (Network Intrusion Detection System)
Acid (Analysis Console for Intrusion Databases)
Tripwire (keeps track of every file being moved/edited in the system)
Nessus (Security scanner)
HostSentry (trace suspicious user's activity, unknown user logins etc)
Local file permissions and suid bits checkup
Thainks!
FreeBSD Security Plan 1 - $59.95 (onetime fee)
Thorough security audit
Installation and configuration of firewall
Installation of security updates as released by OS vendor
Installation of security updates as released by Control Panel vendor
Disabling of unused and insecure services (telnet, finger etc)
Removal of insecure packages and unnecessary software
Log auditing for unusual activity
SSH server hardening
Securing /tmp directory
Kernel tuning with sysctl
CHkrootkit (Rootkit/Exploit scanner reports sent daily)
AIDE (Advanced Intrusion Detection Environment)
Nessus (Security scanner)
HostSentry (trace suspicious user's activity, unknown user logins etc)
Local file permissions and suid bits checkup
FreeBSD Security Plan 2- $84.95 (onetime fee)
Thorough security audit
Installation and configuration of firewall
Installation of security updates as released by OS vendor
Installation of security updates as released by Control Panel vendor
Installation of custom software as desired by customer
Configuration changes as desired by customer
Disabling of unused and insecure services (telnet, finger etc)
Removal of insecure packages and unnecessary software
Regular scans for easy-to-guess users passwords
Log auditing for unusual activity
Investigating hacking attempts
Restoring files from backup
Anti-spam configuration
Anti-virus configuration
Anti-DoS/DDoS kernel code tweaking
Default system users removal
SSH server hardening
Mod_Security (Intrusion detection and prevention engine for web applications)
Securing /tmp directory
Kernel tuning with sysctl
CHkrootkit (reports sent daily)
Smartd (HDD Reliability monitor)
Snort (Network Intrusion Detection System)
Acid (Analysis Console for Intrusion Databases)
Tripwire (keeps track of every file being moved/edited in the system)
Nessus (Security scanner)
HostSentry (trace suspicious user's activity, unknown user logins etc)
Local file permissions and suid bits checkup
Thainks!