Comments for My Blog http://www.bursley.net/wordpress Just another WordPress weblog Wed, 07 Apr 2010 23:04:50 +0000 hourly 1 http://wordpress.org/?v= Comment on Script kiddies try everything by Eric Bursley http://www.bursley.net/wordpress/?p=78&cpage=1#comment-9 Eric Bursley Wed, 07 Apr 2010 23:04:50 +0000 http://www.bursley.net/wordpress/?p=78#comment-9 I've pretty much done all that, and configured mod_security and ran a few Nikto vulnerability assessments against my server, and made further adjustments to the apache, php configuration based on the results. I’ve pretty much done all that, and configured mod_security and ran a few Nikto vulnerability assessments against my server, and made further adjustments to the apache, php configuration based on the results.

]]> Comment on Script kiddies try everything by scott http://www.bursley.net/wordpress/?p=78&cpage=1#comment-8 scott Wed, 07 Apr 2010 23:00:42 +0000 http://www.bursley.net/wordpress/?p=78#comment-8 Eric, I know what you are talking about here. I had to harden a production server once upon a time and here are some things I can remember doing: 1. Turned off all necessary services 2. removed all software that was not needed 3. set up iptables: denied ssh brute force attacks, xmas attacks, etc.. 4. set up my tcpwrappers to only allow what i needed 5. for ssh i denied root login, only allowed the users i knew needed access, etc. 6. ran nmap localhost to make sure no ports were open i didn't want open 7. with iptables i only allowed traffic from known IP's, and then, they had to share their keys with me, so if the ip got spoofed, they'd still need the key to get in. 8. only allow one user to sudo. your situation is a bit different, but i figured i'd just throw these things out. I wrapped everything in a script so it'd get configured correctly whenever i reinstalled it - if needed. I didn't configure selinux because i didn't understand it well enough. Eric,

I know what you are talking about here. I had to harden a production server once upon a time and here are some things I can remember doing:

1. Turned off all necessary services
2. removed all software that was not needed
3. set up iptables: denied ssh brute force attacks, xmas attacks, etc..
4. set up my tcpwrappers to only allow what i needed
5. for ssh i denied root login, only allowed the users i knew needed access, etc.
6. ran nmap localhost to make sure no ports were open i didn’t want open
7. with iptables i only allowed traffic from known IP’s, and then, they had to share their keys with me, so if the ip got spoofed, they’d still need the key to get in.
8. only allow one user to sudo.

your situation is a bit different, but i figured i’d just throw these things out. I wrapped everything in a script so it’d get configured correctly whenever i reinstalled it – if needed.

I didn’t configure selinux because i didn’t understand it well enough.

]]> Comment on Migration to a new server by Eric Bursley http://www.bursley.net/wordpress/?p=44&cpage=1#comment-5 Eric Bursley Wed, 06 Jan 2010 16:21:31 +0000 http://mail2.bursley.net/wordpress/?p=44#comment-5 Go Daddy changed my MX record automagically, and had no idea how or when it happened. I lost almost a day's worth of email. This was the primary reason for the change. A secondary reason was lack of good support. I hate calling support and waiting 15 minutes to get someone on the line, just to have them know nothing about my configuration. Go Daddy changed my MX record automagically, and had no idea how or when it happened. I lost almost a day’s worth of email. This was the primary reason for the change. A secondary reason was lack of good support. I hate calling support and waiting 15 minutes to get someone on the line, just to have them know nothing about my configuration.

]]> Comment on Migration to a new server by Latasha http://www.bursley.net/wordpress/?p=44&cpage=1#comment-4 Latasha Wed, 06 Jan 2010 16:13:31 +0000 http://mail2.bursley.net/wordpress/?p=44#comment-4 To funny. I just recently signed up with GoDaddy to host my fiance's website. I originally signed up with VistaPrint, which was for a trial version. VistaPrint's web creation is very limited, so that's the reason I switched over to GoDaddy. But, of course I had to pay VistaPrint $20 for the domain name. I still have VistaPrint hosting the website though. I need to create the website with GoDaddy, then I can drop VistaPrint all together. To funny. I just recently signed up with GoDaddy to host my fiance’s website. I originally signed up with VistaPrint, which was for a trial version. VistaPrint’s web creation is very limited, so that’s the reason I switched over to GoDaddy. But, of course I had to pay VistaPrint $20 for the domain name. I still have VistaPrint hosting the website though. I need to create the website with GoDaddy, then I can drop VistaPrint all together.

]]>