Secure Server From Scanner

Dec 4, 2008

i want to secure my server that scanner tools can not scan my site . because of one of my site is very important to do not scan of folder.

my server os : linux Centos 5

View 3 Replies


ADVERTISEMENT

Virus Scanner For Unix Server?

Aug 27, 2007

I wonder which virus scanner software is useful for Unix server(Centos 4.5). One of my client install SMF forum and when visitors access the forum,their virus scanner warn that site is affected by trojan. I used Clamav to scan entire home directory but seem nothing found.

View 4 Replies View Related

Linux Server Security Scanner

Apr 28, 2008

i have managed server. just i want sure if it is secured.

i want company to test my server, Security Scanner.

and give me report about my bugs.

View 7 Replies View Related

EXploit Scanner (cxs)

Nov 6, 2009

CSF install the new version, I warned that the option Check for cxs. I had a few questions!

1 - is it free? And can be installed and will work?

2 - I like these things are additional to the installation?

3 - a bit about this new possibility to explain how to solve the case to get out of the red.

View 14 Replies View Related

Formmail Scanner

Jan 4, 2007

Does anyone know any open source tools that will scan cgi programs for exploits? Specifically for exploitable formmail scripts.

View 0 Replies View Related

What Email Scanner Gateway

Apr 10, 2009

What type of free email scanner gateway that you are using? I am using SA, Clam and Qmail. It's a little old and w/o the GUI for client to manage the settings.

I'm thinking to switch to something with GUI. Perhaps the combination of Exim, SA, Clam, MAilScanner and a GUI.

View 0 Replies View Related

Illegal Content Scanner

May 20, 2009

While reading a lot of posts and blogs about hosting, I just wanted to ask if someone has an idea on how to find files with illegal content.

I just tried a few bash scripts, but if there are a few thousand files, most of them stop working or produce server loads that stop the whole server.

Is there any software already out there or any script to scan the content on server for phrases?

View 12 Replies View Related

ClamAV Scanner Resource Intensive?

Oct 22, 2006

I would like to know how resource intensive is ClamAV Scanner. Should I allow it or not to my VPS clients/resellers?

Can I set it to use it as root? How?

View 0 Replies View Related

How To Block Acunetix Scanner With Mod_security

Aug 12, 2007

Anobody knows appropriate rules to block Acunetix scanner to crawl my sites?

View 8 Replies View Related

File System Vulnerablity Scanner

Feb 20, 2007

Are there any vulnerability scanners that search the local file system for vulnerable apps?

I don't need an external scanner. I want to scan all my users home dirs for bad apps - old coppermines, phpbb, etc.

I've not been able to find anything like this.

View 4 Replies View Related

Google Dork Scanner - Find Vulns?

Mar 25, 2008

Anyone use this poorly coded thing?

Goolag Scanner coded by CULT OF THE DEAD COW/cDc communications

Ive been using it for a bit, but i don't have any vulns on most of my box's.

Anyone else find this thing effective?

Ive passed it onto a few clients, seem to entertain them doing there own basic google powered security scans.

Here is a quick download; Goolag_Scanner_1.0.0.40_Setup.exe

Ive pulled a few results on other large sites, some interesting data thats spread out on google, strange how the crawlers get into it?

1.2 Software

To understand Goolag Scanner, it is important to understand how "dorks"
work (see 1.4) and with that, to establish the use of dorks as an
acceptable tool for information security experts, penetration testers,
and practical paranoids.

1.4 Terms And Abbreviations

* Dork = A detailed search pattern - heretofore used with Google's
search engine - that uses Google to show untapped results for web
sites previously indexed by Google.

The intention of a dork is to find results that might show
information relevant to security issues and/or confidential data.

From our point of view, dorks are not limited to Google. Frankly,
they are malicious patterns that apply to most search engines.

* gS = Goolag Scanner

* cDc = CULT OF THE DEAD COW/cDc communications

View 3 Replies View Related

Emails Not Displaying Mail Scanner Headers

Sep 14, 2008

i installed the latest version of the mail scanner on my linux server. It has been tested to be scanning and running properly. But one thing that is unusual is that the emails that is being processed by the mailscanner does not get tagged as its being processed by it. Hence i do not really know whether it has been processed.

When i check the email full headers, i am missing information like spam score, spam information and spam status. I did a check in the mailscanner.conf and the configuration was done correctly.

how can we set these information to show on the email header that it has been processed.

View 2 Replies View Related

How To Secure DNS Server

Mar 25, 2009

i have question about securety of our DNS Server.

View 8 Replies View Related

Secure My Server ...

Apr 25, 2008

My server hacked!

my server hacked for tow time in less than one month (both times they were similar to each other), and my previous securing company work on my server in previous hack but the server hack again!

anybody can work on my server? this is very URGENT because my server and all of our sites are down!

View 3 Replies View Related

Is Your Server Really Secure

Mar 14, 2008

so while we all obsess over hardening our servers against sophisticated hacking attempts, how many of us consider the security of our own host's control panel?

Just today i'd forgotten my login for my host's helpdesk. I couldn't find their password recovery form, so i opened their public support chat and asked support for a link to their password recovery form. Apparently they didn't have a password recovery form. Here is the chat transcript:

Support: Hello
Tom: Hi, where is your password recovery form for the helpdesk?
Support: How may i help you?
Tom: Did you see my message?
Support: Yes
Support: Let me know your email address
Tom: [REMOVED]
Support: Okay Let me check
Support: Your new password is [REMOVED]

So, the only think really stopping someone from logging into my helpdesk and posting a server cancellation ticket is a little bit of research to find my email address and a traceroute to find my host.

View 4 Replies View Related

HOW TO SECURE YOUR SERVER

Nov 11, 2007

I see that one of the most important things nowadays is the security of our servers.

I would like to know from people here that are running big and small servers what they have done to secure their servers. What tips, what softwares they have used, which applications using and are more secure than others.. generally everything that could make good in the protection and security of our servers.

Even if you asked helped from a company doing that work, what changes they have done to your servers? which options they changed?

I am making this thread so as to collect all info we know in one place.. One knows about that tip.. the other one knows another tip.. having all of them somewhere could make a tremendous difference..

Moderators please dont move that thread in any software discussion or other forum as this is one of the most active ones and also has instant relation with the dedicated servers we buy.

View 11 Replies View Related

No Need To Secure Server

Dec 6, 2007

I have a friend that works in the IT. He is about to start his own business, something in the line of network connection or something like that. I was telling him that I'm planning on getting my own dedicated server but that I have no idea how to secure the server. He told me that most linux desitributions come with their own build in firewall and that I don't need to worry about security. He told me to just ask my dedicated server provider to make sure the firewall is enabled and that's it. When he told me that I thought to myself, either this guy has no idea what he's talking about, or those guys at Webhostingtalk have no idea what they are talking about!

View 14 Replies View Related

Which Is The Best Company To Secure My Web Server

May 23, 2008

Which is the best company to secure my web server?

View 8 Replies View Related

Secure Apache Server

Sep 8, 2007

Is anyone have a ebook or article about secure linux server and apache .

I want to secure own server and my vps customer

my linux system : Centos

also i have cpanel control panel

View 3 Replies View Related

How To Secure Harden The Server

Mar 27, 2007

I have a unmanaged server, and i want to have it secure harden.. how do i do it?

View 5 Replies View Related

How Do I Secure A Streaming Server

Jul 27, 2007

I would like to know if it's possible to secure a server used only for streaming.

Here is what I have on my server :

- Gentoo,
- FlashMedia Server,
- and the following services are enabled : ftp, ssh, named and web ssl

Is it possible for instance to install Mod_security?

View 3 Replies View Related

How To Secure Your Plesk Based VPS Server

Mar 25, 2009

I came across this very detailed step-by-step tutorial on how to secure a Plesk based VPS. It's up-to-date and was just written so the info is accurate.

Here's the link to the full tutorial: ...

View 1 Replies View Related

How Can I Secure My Server Against Spam Attacks?

Mar 25, 2008

I have a cPanel dedicated server and have a lot of spam attacks on this server. It's getting so bad that our IP is being added to Yahoo & AOL blacklists and my emails are bouncing to these accounts.

Is there anyone on here who can do a thourough check on our server and install anything necessary to stop this kind of activity?

View 5 Replies View Related

How To Secure A FreeBSD Server For Shell?

Mar 13, 2007

For hosting irc and shells i heard that the best choice for OS is the FreeBSD..

I would like to know if there are any toturials or if someone can write one.. (or give some tips) of how can i secure a machine running FreeBSD and used for irc + shells!

For example how can i install a firewall, a rootkit etc etc..

Also what about putting users at jail? (not allowing them see other dirs except theirs) how can i do that?

Also what about dont allow users use some commands like dmesg, ping, traceroute, and also how can i make them when they do ps -aux to only see their processes (to not be able see the other processes from other users..)

View 3 Replies View Related

Secure Employees SSH Access To Server

Jul 6, 2009

I'm thinking about creating a limited platform for my employees to access my hosting servers

I wish they can create certain types of directories for users, set permissions on some directories, list users accounts, etc.

but although I don't think they would want to abuse this kind of access, I not only like the Trust-No-One premisse, but I also find it not very unlikely that the computer they're using get compromised or something like that

so I'd like to get technical ideas on how to develop this system and to know if anyone is interested and would like to contribute to the code

what I've considered so far is that I should either create a special user for that which would be on all users group, or should give it "root" access... the latter seems more reasonable for me considering the implementation and compatibility between systems and control panels

but with "root" access I mean "running MY INTERFACE to the employee as root"... this interface would have limited options like "create directory for user X", "list content of user X", etc. (taking a lot of care on input validation)... and would enforce some limits to prevent abuse (for example, can't list the content of more than 10 users per hour, or something like that... and alert me)

my main doubt is how you think that should be implemented? as a special server or as a webservice? with webservice I have the advantage of being capable of using SSL in a simple way and I don't need a special client (since any browser is a client)
then that could be PHP or Perl... but running as UID 0 (I don't even know if apache allows that, or if there's a workaround like SUID)

View 6 Replies View Related

Secure FTP :: FTPS On CPanel Server

Jul 7, 2008

I`m going to use FTPS for one of my accounts on a cPanel Server.

Should I assign a dedicated IP to that account, then install SSL on FTP.DOMAIN.COM?

View 6 Replies View Related

Most Secure Dedicated Web Server Setup

Mar 18, 2008

I am seeking a little input from others who use multi-CPU machines with large memory as web servers and mysql servers.

I will be more than happy to give additional information I might have overlooked if you need it. Just ask.

We are starting to run more and more dedicated hosts running joomla applications. I've been trying to find the very best settings for both performance and security that I can for the servers to function well specifically with their joomla applications.

Serves are not used for *anything* else at all.

The servers are strictly used to serve up web pages. No need for anything other than what apache/php, joomla requires and a few other things such as ffmpeg, etc.

I would like to remove all tools which aren't needed for such a server, leaving a bare minimum server which is less susceptible to hacking.

I've never messed with the root account so wonder if I can simply not allow any access as root other than terminal, perhaps not even su by giving another account full root access and of course, while allowing the system to continue to function properly with the many things which must run as root.

I would like to do this on all of my public machines which are of course behind firewalls. I also have load balancers and cache devices in front of the web servers but at this time, they are not activated so aren't in the realm of this question.

Development is done in a separate environment and the data is pushed to the web server via private network to the web servers. This means no need for shared tools, FTP, or anything else which users would need in a shared environment.

The servers are 8-way IBM, running linux and apache, php/APC.
Servers have 32GB of memory and I can install up to 64GB.

Databases are run on separate machines which are also dedicated only to running mysql databases. Same machines as above.

Machines all run multiple network cards bonded as a single IP.

So, my questions are;

How can I best utilize my hardware to take advantage of their memory capacities.

For example, on the web servers, I'd like to find the best settings for httpd.conf which takes advantage of the machines resources.

On MySQL servers, I'd like to do the same as the above, taking the best advantage of the hardware/memory.

For web serving and for joomla, I seek the very best security settings I can possibly get. I say best because since they aren't used by users, there is no need to have a lot of tools and access to these machines so it should not be a problem to tighten these machines up a great deal.

Any input from those who have such experiences would be very welcome as I've been finding no one place for help on this.

View 0 Replies View Related

Can I Feel Secure On A Shared Server

Apr 29, 2008

I have a small reseller account but all the domains are managed by myself. Security has not been a problem because the sites are simple, but now I have a need to deliver and recieve private files. I know how to keep the website itself secure writing my own sessions, using explicit variables, storing sensitive data outside of the web directories and that sort of stuff but it is my 'neighbors' that bother me. If one of them gets hacked or I get a bad neighbor sharing the server I do not want them to have access to my files and passwords.

A few years ago I wrote a browsing script that I found out had the ability to escape my own area and roam freely around every area on the server with unlimited access to every file. When I complained about it, the server admin said that I had nothing to worry about. When I pressed the issue I was told that nobody could invade my files because it was against the rules to go into other people's account. It turned out most server administrators left things open to eliminate scripting problems for their users and there was really no way to lock down a server without breaking a lot of scripts. At the time I moved to a more secure server but they eventually opened things up because of too many complaints and help requests.

Have things changed? Have they worked out the issues with shared servers? Is there a way to tell if my host has implemented proper safeguards (if any viable ones exist)?

View 14 Replies View Related

How To Secure Windows Server 2003

Dec 23, 2007

what software You Used for securing your windows server.

How Can I Securing My server from All DDOS Attack and All remote hacking?

What kind of software you Used to protect your windows server?

View 14 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved