#1  
Old 19th March 2006, 18:33
Hagforce Hagforce is offline
Senior Member
 
Join Date: Feb 2006
Posts: 210
Thanks: 37
Thanked 1 Time in 1 Post
Default Sequring TPS Fedora4

Hello again

I used your ISP setup on Fedora 4.

This is my first linux webserver, so new questions come up all the time

I`ve now been running this setup on one server for two monts, and just installed another one for about a week ago.

The setup is basicly unchanged from the tutorial, how sequre is this?.

The question is now how do I sequre the server form attacks.
-I vould like to get logs on attacks etc from the server daily.
-I vould like to proteckt ssh etc from brute force.
-Sugestions on modifications from the default setup to make it more sequre.
-And anything alse to make it fortnox....

What is the max e-mail size in postfix as standard, how tho change this.....

Well, quite many questions....
It sums up to, how do I sequre my server so it don`t get hacked (I know it can`t be 100% sequre),

Last edited by Hagforce; 19th March 2006 at 18:38.
Reply With Quote
Sponsored Links
  #2  
Old 20th March 2006, 12:30
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

Quote:
Originally Posted by Hagforce
-I vould like to get logs on attacks etc from the server daily.
Have a look at portsentry and logcheck.

Quote:
Originally Posted by Hagforce
-I vould like to proteckt ssh etc from brute force.
http://www.howtoforge.com/preventing...with_denyhosts

Quote:
Originally Posted by Hagforce
What is the max e-mail size in postfix as standard, how tho change this.....
What's the output of
Code:
postconf -n | grep message_size_limit
and
Code:
postconf -d | grep message_size_limit
?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 20th March 2006, 16:04
Hagforce Hagforce is offline
Senior Member
 
Join Date: Feb 2006
Posts: 210
Thanks: 37
Thanked 1 Time in 1 Post
Default

The output of postconf -n | grep message_size_limit is nothing....
The output of postconf -d | grep message_size_limit is:
Code:
message_size_limit = 10240000
Thanks for the tisps on sequring the server...

Is this a guide that will work for me on fedora with portsentry and logcheck (keep in mind that I`m a noob)... http://www.falkotimme.com/howtos/chkrootkit_portsentry/
Should I also install Chkrootkit for "antivirus" or is there somting alse....


A few aditional questions...

-I see the server gives output on telnet...
Should i just shut down telnet....
I can`t think of anything I need it for?
It just gives away information on the software I`m running on my server, and gives the hacker a head start?
-Is there any online scanners for testing my server?
-Is there a limit for how many e-mail adresses one can have under one domain?

Thanks again for helping me out

Last edited by Hagforce; 20th March 2006 at 21:44.
Reply With Quote
  #4  
Old 20th March 2006, 23:26
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,735 Times in 2,571 Posts
Default

Quote:
Originally Posted by Hagforce
The output of postconf -n | grep message_size_limit is nothing....
The output of postconf -d | grep message_size_limit is:
Code:
message_size_limit = 10240000
IF you want to have another message_size_limit, run
Code:
postconf -e 'message_size_limit = 20480000'
, for example, and restart Postfix afterwards.

Quote:
Originally Posted by Hagforce
Is this a guide that will work for me on fedora with portsentry and logcheck (keep in mind that I`m a noob)... http://www.falkotimme.com/howtos/chkrootkit_portsentry/
It should work for you. But the version numbers have increased, this tutorial is a little bit old.

Quote:
Originally Posted by Hagforce
Should I also install Chkrootkit for "antivirus" or is there somting alse....
Have a look here: http://www.howtoforge.com/faq/1_38_en.html


Quote:
Originally Posted by Hagforce
-I see the server gives output on telnet...
Should i just shut down telnet....
I think you mean the telnet client, not the server. The telnet client is ok.

Quote:
Originally Posted by Hagforce
-Is there a limit for how many e-mail adresses one can have under one domain?
No.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 20th March 2006, 23:44
Hagforce Hagforce is offline
Senior Member
 
Join Date: Feb 2006
Posts: 210
Thanks: 37
Thanked 1 Time in 1 Post
Default

Quote:
I think you mean the telnet client, not the server. The telnet client is ok.
Yeh, I messed up


I mean the fackt that when I use a machine on the internet with a telnet client, and write "telnet myip 80" I get output on my webserver version "apache 2.0.54 (fedora)"

Same with main en other stuff.

Doesn`t these kind of feedbacks give hackers an advantage in knowing versions an system.
Reply With Quote
  #6  
Old 22nd March 2006, 22:23
Hagforce Hagforce is offline
Senior Member
 
Join Date: Feb 2006
Posts: 210
Thanks: 37
Thanked 1 Time in 1 Post
Default

I didn`t explain what I ment vell....

When I use a telnet client against port 80 at my server it replies
Code:
<address>Apache/2.0.54 (Fedora) Server at localhost Port 80</address>
And at port 25 it replys
Code:
www.domain.com ESMTP Postfix
Port 110
Code:
+OK AVG POP3 Proxy Server 7.1.371/7.1.385 [268.2.6/287]
Isn`t this usefull information for hackers?
Is it possible to make my server not reply on this....

Or I`m I making no sense now
Reply With Quote
  #7  
Old 22nd March 2006, 22:52
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,478
Thanks: 813
Thanked 5,255 Times in 4,121 Posts
Default

You can configure these services to not show version numbers, but i dont have the exact configuration directives at hand.

You may find these informations in the documentation and the man pages of the programs.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 23:36.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.