[sclug] Securing a server
Tom Chance
tom at acrewoods.net
Mon Sep 5 11:12:29 UTC 2005
Ahoy,
I've got a VM and I'm looking into further securing it at the moment. I've got
the basics - only necessary services running, no root ssh login, permissions
on files as tight as possible, basic configurations in servers to block
typical attacks, require encrypted connections, etc.
I've started by looking at mod_security and mod_dosevasive for Apache after
the server got hit with 60,000 requests in four days by a spammer. I've also
idly browsed some pages about clever firewall scripts and Intrusion Detection
Systems.
What would people's recommendations be? Where to start in proactively
tightening security?
Regards,
Tom
--
I'm aware that e-mails to me may be blocked by my host
because they are mistaken as spam. If this happens,
please e-mail me at: telex4 at yahoo.com
More information about the Sclug
mailing list