How To Secure And Harden Centos Linux Server From Vulnerabilities & Threats ,attacks

Jul 28, 2009

How I can secure my server from vulnerabilities and threats and ddos attack? How can I find my server is compromised or hacked?

Which ports I should check, what commands I should fired on shell prompt? which softwares you will recommend.

View 14 Replies


ADVERTISEMENT

How To Secure Harden The Server

Mar 27, 2007

I have a unmanaged server, and i want to have it secure harden.. how do i do it?

View 5 Replies View Related

How Can I Secure My Server Against Spam Attacks?

Mar 25, 2008

I have a cPanel dedicated server and have a lot of spam attacks on this server. It's getting so bad that our IP is being added to Yahoo & AOL blacklists and my emails are bouncing to these accounts.

Is there anyone on here who can do a thourough check on our server and install anything necessary to stop this kind of activity?

View 5 Replies View Related

Secure VPS After Many Hack Attacks

Feb 2, 2008

my VPS provider just rebuilt my VPS after many hack attacks.

From some days I am getting emails from firewall that someone login to my VPS/mySQL using SSH.

I don't know what they do, but they don't disturb any account. Only some downtime feel during this. But last night my VPS stop working so my provider rebuilt VPS.

how I can secure my VPS now. I have Cpanel installed.

View 7 Replies View Related

How To Best Secure WP From Any Attacks, Hack Attempts Etc?

Mar 16, 2008

How to best secure WP from any attacks, hack attempts and others?

View 4 Replies View Related

How To Prevent DDoS Attacks CentOS

Jul 23, 2009

I believe that my site is being DDoSed against, and I'm wondering how I can prevent this from happening.

I'm running CentOS 5.3.

Are there any server side scripts of PHP scripts that could be used to dynamically block out IP's that are consuming too many resources on the VPS?

View 14 Replies View Related

WHM/Centos/VPS Having Brute Force Attacks

Jan 29, 2008

I am getting these types of reports in my nightly reports:

=================
sshd:
Authentication Failures:
unknown (bips131.bi.ehu.es): 212 Time(s)
mail (bips131.bi.ehu.es): 4 Time(s)
news (bips131.bi.ehu.es): 4 Time(s)
root (bips131.bi.ehu.es): 4 Time(s)
unknown (swplinux02.swp.ewr.qwest.net): 1 Time(s)
Invalid Users:
Unknown Account: 213 Time(s)

Two nights ago:

--------------------- pam_unix Begin ------------------------

sshd:
Authentication Failures:
unknown (195.251.109.21): 413 Time(s)
root (195.251.109.21): 108 Time(s)
webadmin (195.251.109.21): 18 Time(s)
root (200.55.193.59): 16 Time(s)
daemon (195.251.109.21): 8 Time(s)
ftp (195.251.109.21): 5 Time(s)
root (218.19.69.193): 4 Time(s)
Invalid Users:
Unknown Account: 413 Time(s)
===============

My VPS support said I could try:

-alternate sshd port
-require key access
-selecting client ip access
-rate limit incoming sshd syn packets per src address

However, I need some help understanding the best way to address these so that these brute force attacks aren't successful.

View 3 Replies View Related

Server Harden Tools

Sep 30, 2007

Are there any good tutorials or tools for Serer Hardening on CentOS?

Additionally, any good Host based IDS units along those lines?

View 1 Replies View Related

Auto Secure Centos

Jun 7, 2009

I just got about 10 centos vps servers. are there any programs that will do most of the hardening or security for me?

View 13 Replies View Related

CentOs VPS System More Secure?

Jul 16, 2008

on making my CentOs VPS system more secure?

View 5 Replies View Related

DDOS Threats

Jul 28, 2009

A user joined our live chat and said if we didn't cancel a domain on our server, he will send us a DDOS attack, and he did so and also did this morning.

Is there anything I can do to prevent this or possibly punish him?

View 12 Replies View Related

Plesk 12.x / Linux :: Dovecot Secure IMAP Server With Sieve Support

Jun 18, 2014

Every time i use Dovecot secure IMAP server with Sieve support.I can not receive emails note. Upgraded from 11.5 to 12

Jun 18 08:03:36 CO6302 postfix/qmgr[1523]: 284FAA0E86: from=<my@gmail.com>, size=1943, nrcpt=1 (queue active)
Jun 18 08:03:36 CO6302 postfix-local[2036]: postfix-local: from=my@gmail.com, to=the@domain.com, dirname=/var/qmail/mailnames
Jun 18 08:03:36 CO6302 postfix/pipe[2035]: 284FAA0E86: to=<the@domain.com>, relay=plesk_virtual, delay=336, delays=335/0.01/0/0.19, dsn=4.3.0, status=deferred (temporary failure. Command output: lda: Error: user the@domain.com: Error reading configuration: Invalid settings: postmaster_address setting not given lda: Fatal: Internal error occurred. Refer to server log for more information. 4.2.1 Message can not be delivered at this time )

[code]...

View 8 Replies View Related

Plesk 12.x / Linux :: Poodle Patch - Could Not Open Secure TLS Connection To Server

Jan 7, 2015

I have used the patch : [URL] .... to disable ssl v3.

After I applied the patch getting error below when i try to send email via horde webmail:

There was an error sending your message: Could not open secure TLS connection to the server.

Roundcube can send mails well but horde not. Otherwise since applied the parch i can't get mails from gmail and maybe other providers i don't know yet.

View 1 Replies View Related

28 XSS Vulnerabilities

Jun 24, 2008

Acunetix says my site has 28 XSS vulnerabilities?

For example it says calendar.pl is vulnerable and it was able to set a javascript alert as the variable calendar_view.

How can I fix this?

Vulnerability description

This script is possibly vulnerable to Cross Site Scripting (XSS) attacks.

Cross site scripting (also referred to as XSS) is a vulnerability that allows an attacker to send malicious code (usually in the form of Javascript) to another user. A browser execute the script in the user context allowing the attacker to access any cookies or session tokens retained by the browser.

This vulnerability affects /cgi-bin/calendar.pl.

The impact of this vulnerability
Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash into a vulnerable application
Attack details
The POST variable calendar_view has been set to >"><ScRiPt%20%0a%0d>alert(398096611151)%3B</ScRiPt>.

View 1 Replies View Related

Bind 9 Vulnerabilities

Jul 29, 2009

[url]

Upgrade if this affects you.

View 13 Replies View Related

Plesk 12.x / Linux :: How To Protect VPS Server Centos 6 64 Bit

Jul 4, 2014

how to protect Linux Server from Ddos Attack (Botnet, Loic)

View 2 Replies View Related

Harden Tmp

Mar 3, 2007

Can someone tell me the exact ssh commands to harden /tmp /var/tmp /dev/shm & /proc?

View 5 Replies View Related

Harden Php

Apr 5, 2007

way to harden php .. i got more lessons explane how can i do it but for php 5.x and my php Version now is 4.4.6 ..

View 3 Replies View Related

Can I Have Mix Windows And Linux VPSs On The Same Server Running CentOS

Feb 15, 2009

if i can create 2 VPS with completely different OS such as CentOS5 and Windows 2003 Std.

The main server will be running CentOS with HyperVM.

View 8 Replies View Related

Plesk 12.x / Linux :: How To Install CentOS 7 On 1&1 Virtual Server

Apr 1, 2015

I want to update CentOS from:

Code:
Version Parallels Plesk v12.0.18_build1200140606.15 os_CentOS 6
OS CentOS 6.6 (Final)
to CentOS 7.

What steps I need to do to install CentOS 7?

View 4 Replies View Related

Plesk 12.x / Linux :: Backup CentOS Server File Directory

Feb 25, 2015

Which protocol I should use for performing a backup of important server files and folders. I do make a snapshot but i found that's not enough.

My Centos 6.6 has ProFTPD configuration setup only for webhosts so no root access. I came across SCP, but don't know how to secure that like a Pro. I have also heard about SSHFS for linux.

View 1 Replies View Related

Cacti Command Execution And SQL Injection Vulnerabilities

Jan 14, 2007

Cacti version 0.8.6i has vulnerability: [url]

Solution: [url]

View 2 Replies View Related

How Can I "harden" My Server

Apr 15, 2008

How can I "harden" my server?

And what exactly does harden mean?

View 14 Replies View Related

Plesk 11.x / Linux :: DDOS Or High CPU Load Dedicated CentOS Server

May 12, 2014

I have been trying to identify why mi server has high load cpu, suddenly CPU load suddenly jumps, from 1 to 40 and until 110

If I restart mysqld and apache, the cpu gets back to normal, until this happen again

My server is
GenuineIntel, Intel(R)Core(TM) i5-2400 CPU @ 3.10GHz
VersionParallels Plesk Panel v11.0.9_build110120608.16 os_CentOS 6
CentOS 6.4 (Final)
CentOS 6 x64 Processor: Intel Core i5 - 3.10 GH

I already installed FAIL2BAN and DDOS DEFLATE without lock. I have CloudFlare Enabled.

When there is a high CPU load, I have checked netstats, and I don't identify many ips connected, so I think it could be an internet script (or virus).

I will paste the result of
ps fax
command, in a moment of high cpu load

View 7 Replies View Related

Plesk 11.x / Linux :: CentOS 6 - Host Name Must Resolve To Correct IP Address Of Server

Feb 15, 2015

I have a fresh server running CentOS 6 (final). I am trying to install Plesk 11.5.30 but i am experiencing some problems. When i run the plesk-installer i get this message:

Your host name must resolve to the correct IP address of your server, unless you are using network address translation (NAT).

Please quit Parallels Installer, fix the host name resolution problem, and then try installing again.

You can skip the hostname check and continue the installation, however, in such a case, the installer cannot guarantee successful installation.

Now, in my /etc/hosts file i have this:

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6

Is this correct? Or do i need to add/change something else?

My server is in the clound.

View 3 Replies View Related

Plesk 12.x / Linux :: Brand New CentOS 6.5 Server Running 12.0.18 Crashing Randomly

Aug 19, 2014

I have a brand new A8i server from 1&1 that has crashed twice today and could only be rebooted through the 1&1 control panel (not Plesk). Out of the blue the server is not accessible from the Plesk CP and is not responding to pings. I have looked through the logs and do not see anything that stands out (I am not very Linux savvy). Is there somewhere specific that I can look that would tell me why it is locking up/crashing? I have only had the server about 2 weeks and am only running email on it (no websites besides webmail and Plesk CP). It is possible that there is a hardware issue, but I cannot have 1&1 check it until after hours tonight.

Server is an 8 core Intel Atom 2.6GHz with 8GB RAM.

View 8 Replies View Related

Security Vulnerabilities Found In HyperVM And LXadmin/Kloxo

Jun 6, 2009

Just got this email

Quote:

Dear Customers,

Multiple security vulnerabilities were discovered in hyperVM and Lxadmin/Kloxo. It is recommended that you update your hyperVM/Kloxo systems to the latest version, as soon as possible.

Details of the vulnerabilities will be posted in the coming days in our forum.

On hyperVM or Kloxo master, Run:

/script/upcp

Lxlabs Support Team

View 14 Replies View Related

Plesk 12.x / Linux :: Start Bing DNS Server CentOS 7 - Unable To Make Action

Mar 7, 2015

I have a issue when i try to start the DNS bing server over my vps with Centos 7 and plesk 12 its shows me this error

Error: Unable to make action: Unable to manage service by dnsmng: Empty error message from utility. ('--start', 'dns')

View 1 Replies View Related

MSSQL Server Attacks

Oct 11, 2009

I can see lot of MSSQL Server attacks. In event viewer "Login failed for user 'sa'. [CLIENT: Some IP]"

Most of the attack coming from Chaina. Tipically what I'm doing manually is get that entire IP range and block from Windows Firewall level.

Now I have plenty of blocked IP ranges all over the world.

What would be the best way to avoid from those kind of attacks ?

View 6 Replies View Related

UDP Game Server Attacks

Apr 30, 2008

there are some game types out there that are not protected from any type of udp flood attack. I have been doing a lot of work (my servers are linux) and blocked this by coding a bash script running every second checking tcpdump for the amount of current UDP connections and blocks the ip witch has more than a certain number of current UDP connections. This works perfeclty, but it firewalls the ip AFTER the attack started.

I am really interested into blocking this attack fully. Limiting the number of current connections (UDP) from an ip to a certain amount to block this attack totally. I have been looking around a lot and have had no luck. From what I have found, there is no way to do this with iptables or ipchains. It is possible for TCP though, but I could not find it for UDP. Could anyone help me out here.

Just to let you know, I do run a firewall, but it would never pick up this type of attack unless it was major. This is more like a game type bug (firewall thinks the packets are fine, player packets going to the game server).

View 13 Replies View Related

How Do I Stop Attacks On Mail Server

Dec 6, 2008

i am getting hundreds of theses in my mail log each day, trying different names etc and want to put a stop to them and auto ban the ips.

I have APF

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved