How To Secure A FreeBSD Server For Shell?
Mar 13, 2007
For hosting irc and shells i heard that the best choice for OS is the FreeBSD..
I would like to know if there are any toturials or if someone can write one.. (or give some tips) of how can i secure a machine running FreeBSD and used for irc + shells!
For example how can i install a firewall, a rootkit etc etc..
Also what about putting users at jail? (not allowing them see other dirs except theirs) how can i do that?
Also what about dont allow users use some commands like dmesg, ping, traceroute, and also how can i make them when they do ps -aux to only see their processes (to not be able see the other processes from other users..)
View 3 Replies
ADVERTISEMENT
Apr 30, 2008
I have several question for make shell hosting company:
1. Most of shell hosting company using FreeBSD, why?
2. Is it possible to use linux as OS for shell hosting company?
3. How to secure linux OS for shell hosting company?
View 7 Replies
View Related
Apr 22, 2009
Do you guys have any idea what is the best way to enable SFTP for a cPanel account?
I could give it Shell access, but isn't it possible without it?
View 3 Replies
View Related
Oct 19, 2009
How to secure server from Shell scripts like c100,c99,locus and so on.
Please provide me clear instructions if possible.
and let me know what we can do if a server is already infected with these shell scripts.
View 3 Replies
View Related
Dec 8, 2014
When I try to change a domain name preference from www to non-www i am getting the error
"Error: No secure shell available"
I am using plesk 12 ....
View 1 Replies
View Related
Jul 8, 2008
Do any1 know how to change jail shell to normal shell?
View 14 Replies
View Related
Jul 1, 2006
I've been a web developer for some years now, and I've been working with PHP/MySQL in Linux quite a lot, but I've never worked with Linux. But now, I'm in a project where the last programmer was a FreeBSD-guru, but not so good in PHP/MySQL, so they hired me to take over. So the project is hosted on a dedicated FreeBSD-server, and I need to get all sftp-accounts and change them. How do I do that? I have root-access with PuTTY, and I know the basic commands, but I don't know where to start looking for account-settings. Is there anyone who knows how to do this?
I also need to reset the root-login to MySQL. I've only done this on Windows, and I'm not to comfortable testing without knowing. I found this guide: ...
View 1 Replies
View Related
Jul 25, 2009
setup FreeBSD 7.2 amd64 on my dedicated server remotely. There is only problem I havnt access to KVM, but I have access to rescue system (linux image loaded into memory of the server, which enables me to perform any actions with help of linux tools on hard drive, it's easy to install any linux distro on the server - just format hdd and load files of OS, but I really dont know how to install FreeBSD by this way).
So, maybe someone can help me? If you have any tools for FreeBSD install or special images of it -
View 2 Replies
View Related
Sep 30, 2007
I want to put a couple VPSes on a FreeBSD box, but I don't know what the best VM software would be for BSD.
View 6 Replies
View Related
Dec 16, 2007
One of our customers uploaded C99Shell script on my server, and he can access to another accounts,
I upgraded php to 5 but he can access with this script to another accounts yet, what should I do to disable this script or other one?
View 14 Replies
View Related
May 20, 2008
i have server and i want to do shell scan and delete the shell
View 4 Replies
View Related
Mar 8, 2008
I'm getting the feared "input/output error" on /home partition on a freebsd server this server runs RAID-1, dmesg shows:
twed0: controller error - device failure (flags = 0x40)
g_vfs_done():twed0s1g[READ(offset=36997054464, length=16384)]error = 5
anyone knows what's my best action here? unmount /home and fsck it? or shutdown the server and replace a drive? (but, from this error message, I couldn't guess which drive is it... also, the 3dm raid monitoring didn't find any problem, so maybe it's the controller?)
View 3 Replies
View Related
Mar 25, 2009
i have question about securety of our DNS Server.
View 8 Replies
View Related
Apr 25, 2008
My server hacked!
my server hacked for tow time in less than one month (both times they were similar to each other), and my previous securing company work on my server in previous hack but the server hack again!
anybody can work on my server? this is very URGENT because my server and all of our sites are down!
View 3 Replies
View Related
Mar 14, 2008
so while we all obsess over hardening our servers against sophisticated hacking attempts, how many of us consider the security of our own host's control panel?
Just today i'd forgotten my login for my host's helpdesk. I couldn't find their password recovery form, so i opened their public support chat and asked support for a link to their password recovery form. Apparently they didn't have a password recovery form. Here is the chat transcript:
Support: Hello
Tom: Hi, where is your password recovery form for the helpdesk?
Support: How may i help you?
Tom: Did you see my message?
Support: Yes
Support: Let me know your email address
Tom: [REMOVED]
Support: Okay Let me check
Support: Your new password is [REMOVED]
So, the only think really stopping someone from logging into my helpdesk and posting a server cancellation ticket is a little bit of research to find my email address and a traceroute to find my host.
View 4 Replies
View Related
Nov 11, 2007
I see that one of the most important things nowadays is the security of our servers.
I would like to know from people here that are running big and small servers what they have done to secure their servers. What tips, what softwares they have used, which applications using and are more secure than others.. generally everything that could make good in the protection and security of our servers.
Even if you asked helped from a company doing that work, what changes they have done to your servers? which options they changed?
I am making this thread so as to collect all info we know in one place.. One knows about that tip.. the other one knows another tip.. having all of them somewhere could make a tremendous difference..
Moderators please dont move that thread in any software discussion or other forum as this is one of the most active ones and also has instant relation with the dedicated servers we buy.
View 11 Replies
View Related
Dec 6, 2007
I have a friend that works in the IT. He is about to start his own business, something in the line of network connection or something like that. I was telling him that I'm planning on getting my own dedicated server but that I have no idea how to secure the server. He told me that most linux desitributions come with their own build in firewall and that I don't need to worry about security. He told me to just ask my dedicated server provider to make sure the firewall is enabled and that's it. When he told me that I thought to myself, either this guy has no idea what he's talking about, or those guys at Webhostingtalk have no idea what they are talking about!
View 14 Replies
View Related
Mar 17, 2007
how can I get sure there is no shell access to my server exept mine. I mean alkl the security issues I should care for preventing shell access from all my users and hackers.
I have diabled all the shell accesses of my users via Cpanel.how can I disable the exec() function on my server?
View 9 Replies
View Related
Sep 1, 2008
I have few scripts, but hackers again upload at some way c99, and hack some SMF forums at server. Server like server they cannot hack, but user account they can. So please tell me what you advice?
View 6 Replies
View Related
Apr 28, 2008
I am having some server issues.
A part of my sshd_config:
Port 2255
Protocol 2
ListenAddress 8x.xx.xx.46
PermitRootLogin no
Recently, when I want to connect to my server using putty, I get "Connection Refused" using the above IP address and port.
When I enter the above IP address (or any other IP address that is stored/set on the server) and port 22, I get "Server refused to start shell/command".
It did work before, using 8x.xx.xx.46:2255 and when I enter 8x.xx.xx.46:22 it will block. But now... not anymore.
I am using "Direct Admin" to do a "System Backup". I do see the right port and IP address in the sshd_config file.
How can I fix this? I can not login the server anymore, however I am going to the datacenter tomorrow.
OS: CentOS
Installed firewall / protection: APF + BFD
Control Panel: Direct Admin
View 5 Replies
View Related
May 23, 2008
Which is the best company to secure my web server?
View 8 Replies
View Related
Sep 8, 2007
Is anyone have a ebook or article about secure linux server and apache .
I want to secure own server and my vps customer
my linux system : Centos
also i have cpanel control panel
View 3 Replies
View Related
Dec 4, 2008
i want to secure my server that scanner tools can not scan my site . because of one of my site is very important to do not scan of folder.
my server os : linux Centos 5
View 3 Replies
View Related
Mar 27, 2007
I have a unmanaged server, and i want to have it secure harden.. how do i do it?
View 5 Replies
View Related
Jul 27, 2007
I would like to know if it's possible to secure a server used only for streaming.
Here is what I have on my server :
- Gentoo,
- FlashMedia Server,
- and the following services are enabled : ftp, ssh, named and web ssl
Is it possible for instance to install Mod_security?
View 3 Replies
View Related
Mar 25, 2009
I came across this very detailed step-by-step tutorial on how to secure a Plesk based VPS. It's up-to-date and was just written so the info is accurate.
Here's the link to the full tutorial: ...
View 1 Replies
View Related
Mar 25, 2008
I have a cPanel dedicated server and have a lot of spam attacks on this server. It's getting so bad that our IP is being added to Yahoo & AOL blacklists and my emails are bouncing to these accounts.
Is there anyone on here who can do a thourough check on our server and install anything necessary to stop this kind of activity?
View 5 Replies
View Related
Jul 6, 2009
I'm thinking about creating a limited platform for my employees to access my hosting servers
I wish they can create certain types of directories for users, set permissions on some directories, list users accounts, etc.
but although I don't think they would want to abuse this kind of access, I not only like the Trust-No-One premisse, but I also find it not very unlikely that the computer they're using get compromised or something like that
so I'd like to get technical ideas on how to develop this system and to know if anyone is interested and would like to contribute to the code
what I've considered so far is that I should either create a special user for that which would be on all users group, or should give it "root" access... the latter seems more reasonable for me considering the implementation and compatibility between systems and control panels
but with "root" access I mean "running MY INTERFACE to the employee as root"... this interface would have limited options like "create directory for user X", "list content of user X", etc. (taking a lot of care on input validation)... and would enforce some limits to prevent abuse (for example, can't list the content of more than 10 users per hour, or something like that... and alert me)
my main doubt is how you think that should be implemented? as a special server or as a webservice? with webservice I have the advantage of being capable of using SSL in a simple way and I don't need a special client (since any browser is a client)
then that could be PHP or Perl... but running as UID 0 (I don't even know if apache allows that, or if there's a workaround like SUID)
View 6 Replies
View Related
Jul 7, 2008
I`m going to use FTPS for one of my accounts on a cPanel Server.
Should I assign a dedicated IP to that account, then install SSL on FTP.DOMAIN.COM?
View 6 Replies
View Related
