
Blog About Dedicated Servers

Mount /tmp with noexec

Luigi Ramone | 04 September, 2008 15:02

By default, RS servers come with everything lumped in / and a small amount partitioned for /boot and some for swap. With this current setup, you have no room for making more partitions unless you have a second hard-drive.

Recently, I found out it would be worthwhile to give /tmp its own partition and mount it using noexec. This would protect your system from MANY local and remote exploits of rootkits being run from your /tmp folder.

First off, I want to thank everyone for their help from this thread:

http://forum.rackshack.net/showthread.php?...&threadid=27470

I am simply compiling their advice into a how-to... (More)

4 Primary Areas For Tuning Your Server

Luigi Ramone | 04 September, 2008 14:57

I just thought I would add my two cents in for everyone. I posted an old howto with some sysctl.conf, but I think that was when I was running on my previous server using an older version of redhat. So here's a fresh howto that is a little more complete.

These configs are based on my server specs, which is a Dual 2.0GHz Xeon with 2GB of RAM running RedHat Enterprise. Depending on your server's RAM you might have to reduce some of the settings, which I'll try to make notes on with each section. (More)

Chkrootkit

Luigi Ramone | 15 December, 2005 21:43

Installing CHKROOTKIT

(Version 0.42b Sep 20 2003)

SSH as admin to your server. DO NOT use telnet

#Change to root
su -

 (More)

APF Firewall 0.9.4-7

Luigi Ramone | 15 December, 2005 21:32

Just thought I'd update the howto's for APF.

Type ifconfig

Find out if it’s using eth0 or eth1.

Usually it's eth0, but if it's not, change it in conf.apf or you’ll be completely blocking the server from access.

wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz

tar -xvzf apf-current.tar.gz
cd apf*
./install.sh
pico -w /etc/apf/conf.apf

RESV_DNS="1"

All SYSCTL options should be set to 1 EXCEPT for
SYSCTL_OVERFLOW="0"
SYSCTL_SYNCOOKIES="0"

USE_DS="1"
USE_AD="1"

 (More)

Antidos via APF Firewall

Luigi Ramone | 15 December, 2005 21:30

Antidos is a really nice feature of the APF firewall, but it's not automatically turned on when you install and run APF.

First you probably want to make sure APF is running nicely for a few days and you have your own IP listed in the "allow_hosts.rules" file so you can't lock yourself out. You also want to understand how to access the EV1 remote console (from your EV1 account manager), just in case you do lock yourself out.

And to be even more safe, let's set DEVEL_MODE to "1" (on), and we need to set up USE_AD to enable the use of antidos, so find and edit these:

pico -w /etc/apf/conf.apf

DEVEL_MODE="1"

USE_AD="1"

apf -r

Now APF will quit in 5 minutes. Don't forget to put DEVEL_MODE back when everything is OK!

 (More)

Banning over-aggressive web crawlers

Luigi Ramone | 15 December, 2005 21:03

Not all web crawlers obey robots.txt like they should.

One in particular was getting on my nerves, the Inktomi Slurp crawler. Essentially, it would go to my site (http://rpg-works.net) and load ALL my clients' sites in quick succession, bogging down my server to the point of becoming unresponsive.

So, for your benefit, here's my current ban list (I put this in rc.local)

 (More)

Mount /tmp with noexec

Luigi Ramone | 15 December, 2005 20:20

What we are doing is creating a file that we will mount at /tmp.

--------------

cd /dev

--------------

Create a 100MB file for our /tmp partition. If you need more space, make the count size larger.

--------------

dd if=/dev/zero of=tmpMnt bs=1024 count=100000

--------------

Make an extended filesystem for our tmpMnt file.

--------------

mke2fs /dev/tmpMnt

--------------

 (More)

HOW-TO: Secure cPanel

Luigi Ramone | 30 November, 2005 21:43

First and foremost I want to say that this is not going to make your server 100% cracker proof; there is always a possibility that somebody will find a way in. I have listed a lot of things you can do to protect your server and that will help you secure it. While securing your server you have to find a median between what is secure and what restricts your clients or websites. You can easily make your server 100% secure from remote attacks by unplugging the ethernet cable, but chances are you will not get much good with it. This is not a complete guide and I will update it when I find time or it needs it. Overall it is a very good start and it is probably more than most servers have.

If you have any problems with the guide please post them and I will try and help/update the guide. I have not included everything you can do but it is a very good start. If you need somebody to secure your server please feel free to private message or email me.

All commands meant to be run in ssh will begin with "#"

 (More)

