| Author |
Message |
fhumayun
Joined: 30 Apr 2009
Posts: 12
Location: Deerfield Beach, FL
|
| Posted: Thu Nov 03, 2011 10:24 pm Post subject: Protect Your Linode: Resources |
|
|
Consider these free options to harden your linode servers.
IP Tables GUI ConfigServer Services (standalone and webmin)
http://configserver.com/cp/csf.html
DenyHosts (auto-ban SSH attacks)
http://denyhosts.sourceforge.net/
Fail2ban (Harden Apache/FTP/MTAs)
http://www.fail2ban.org/wiki/index.php/Main_Page
PortSentry (works with IPTables)
http://linux.sys-con.com/node/32843
Tripwire (ubuntu) - baseline CRC file checking
http://netwizards.co.uk/installing-tripwire-on-ubuntu/
TIGER (The Unix security audit and intrusion detection tool)
http://nongnu.org/tiger/
PHP Hardening
http://www.hardened-php.net/suhosin/ |
|
| Back to top |
|
vonskippy
Joined: 27 Dec 2009
Posts: 469
Location: Colorado, USA
|
| Posted: Thu Nov 03, 2011 10:47 pm Post subject: |
|
|
| And how much resources do all those "required" addon's use up? |
|
| Back to top |
|
hybinet
Joined: 02 May 2008
Posts: 1058
|
| Posted: Thu Nov 03, 2011 10:59 pm Post subject: Re: Protect Your Linode: Resources |
|
|
fhumayun wrote: DenyHosts (auto-ban SSH attacks)
Fail2ban (Harden Apache/FTP/MTAs)
What about just uninstalling FTP and disabling password-based SSH logins? You can't beat that.
Other tools you listed may be useful for some people, though.
Note that the core features of Suhosin are already part of Debian and Ubuntu's PHP packages. The rest of Suhosin's features can be enabled by installing php5-suhosin, though it's usually unnecessary.
As usual, the most important thing is to know when you need a tool, and to use the tool properly. People who think that they'll be safe just because they installed a certain program are even scarier than the bad guys themselves. |
|
| Back to top |
|
| |
