Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > HOWTO-Related Questions

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 21st February 2007, 14:18
sposs sposs is offline
Junior Member
 
Join Date: Feb 2007
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default How do i secure my Centos Server?

Hi all, first post and linux noobie.

I have a dedicated server running centos 4 , im using it to learn linux and server management mainly, i have a website up and running on the server.

My hosting company contacted me the other day to tell me my server was being used to run a phishing site.I switched off apache and deleted the phishing files.Im worried about switching on apache again without knowing how to prevent future abuse.

I patch the server regularly doing a YUM update.

However i need to know how i can stop this happening again, what additional
security can i put in place?
Reply With Quote
Sponsored Links
  #2  
Old 21st February 2007, 14:34
martinfst martinfst is offline
Senior Member
 
Join Date: Dec 2006
Location: Hilversum, The Netherlands
Posts: 880
Thanks: 1
Thanked 18 Times in 17 Posts
Send a message via MSN to martinfst Send a message via Skype™ to martinfst
Default

You need to find out how the pisher got access to your server. ssh? broken php application (and abused the apache user)? Any other ports open (like webmin ports)

Still any open port as a backdoor open to the pisher? I got hacked once because of a faulty PHP app, and the hacker installed some backdoor listening on an obscure port.

Start looking at /var/log and scan all log files. Try to identify something unusual.
Then execute
Code:
ps -ef
to see if any strange program is running. And you might consider installing 'chkrootkit' and run a test. Also do
Code:
netstat -tap
and see if something strange on an unusual port is listening. HTH
Reply With Quote
  #3  
Old 21st February 2007, 14:42
sposs sposs is offline
Junior Member
 
Join Date: Feb 2007
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Great thanks will start doing that now.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
php Apps email not going through palkat General 8 21st September 2011 06:35
Statistic not working mzo Installation/Configuration 49 20th April 2011 13:19
Install ISPConfig on CentOS Server, in brief gfts Tips/Tricks/Mods 11 4th April 2006 09:29
Email - Ueb-Miau mazhar Installation/Configuration 5 21st December 2005 11:01
The Perfect Setup Suse 9.3 - Postfix problems new_bee05 HOWTO-Related Questions 20 25th November 2005 03:30


All times are GMT +2. The time now is 14:19.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.