View Full Version : Security Advice
dclardy
29th October 2009, 17:34
I want to make sure that I have a secure server. I setup my ISPConfig 3.0 server using the HowTo: Perfect Server Debian Lenny. To this point, I have not had any problems.
Are there any other things that I can do to make it any more secure. I just want to be sure that I am as safe as possible.
-Drew
falko
30th October 2009, 19:47
You can disable SSH password logins and use keys instead: http://www.howtoforge.com/ssh_key_based_logins_putty
dclardy
30th October 2009, 21:26
Thanks for that suggestion. The only other thing that I am noticing is a lot of failed attempts to login to the FTP server.
I have tried to configure fail2ban, but I have never seen it block anything for the FTP server.
Is there a good tutorial on configuring fail2ban with Debian Lenny and ISPConfig 3.0?
Thanks.
-Drew
ivomendonca
30th October 2009, 22:20
Thanks for that suggestion. The only other thing that I am noticing is a lot of failed attempts to login to the FTP server.
I have tried to configure fail2ban, but I have never seen it block anything for the FTP server.
Is there a good tutorial on configuring fail2ban with Debian Lenny and ISPConfig 3.0?
Thanks.
-Drew
i think this will resolve your problem.
http://www.faqforge.com/linux/controlpanels/ispconfig3/configure-fail2ban-to-use-route-instead-of-iptables-to-block-connections/
try edit /etc/fail2ban/jail.conf to enable pureftpd
lano
1st November 2009, 14:28
Thanks for that suggestion. The only other thing that I am noticing is a lot of failed attempts to login to the FTP server.
I have tried to configure fail2ban, but I have never seen it block anything for the FTP server.
Is there a good tutorial on configuring fail2ban with Debian Lenny and ISPConfig 3.0?
Thanks.
-Drew
In /etc/fail2ban/filter.d/pure-ftpd.conf make sure you have:
[Definition]
failregex = .*pure-ftpd: \(.*@<HOST>\) \[WARNING\] Authentication failed for user.*
ignoreregex =
In /etc/fail2ban/jail.local add following below ftp server :
[pureftpd]
enabled = true
port = ftp
filter = pure-ftpd
logpath = /var/log/syslog
maxretry = 3
Restart fail2ban and it should work.
dclardy
1st November 2009, 21:46
Lano,
do you have the correct filters for the entire fail2ban configuration? I have tried falko's tutorial several times, but I always have an error and have to start over. The ones that give me problems are the SASL, POP3, and IMAP. Not sure if I have already mentioned this, but I am running Debian Lenny server with ISPConfig 3.0.1.6 from the tutorial on howtoforge.com.
Thanks for the help.
-Drew
vBulletin® v3.8.7, Copyright ©2000-2012, vBulletin Solutions, Inc.