Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > HOWTO-Related Questions

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 19th March 2006, 19:33
Hagforce Hagforce is offline
Senior Member
 
Join Date: Feb 2006
Posts: 210
Thanks: 37
Thanked 1 Time in 1 Post
Default Sequring TPS Fedora4

Hello again

I used your ISP setup on Fedora 4.

This is my first linux webserver, so new questions come up all the time

I`ve now been running this setup on one server for two monts, and just installed another one for about a week ago.

The setup is basicly unchanged from the tutorial, how sequre is this?.

The question is now how do I sequre the server form attacks.
-I vould like to get logs on attacks etc from the server daily.
-I vould like to proteckt ssh etc from brute force.
-Sugestions on modifications from the default setup to make it more sequre.
-And anything alse to make it fortnox....

What is the max e-mail size in postfix as standard, how tho change this.....

Well, quite many questions....
It sums up to, how do I sequre my server so it don`t get hacked (I know it can`t be 100% sequre),

Last edited by Hagforce; 19th March 2006 at 19:38.
Reply With Quote
Sponsored Links
  #2  
Old 20th March 2006, 13:30
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,749 Times in 2,579 Posts
Default

Quote:
Originally Posted by Hagforce
-I vould like to get logs on attacks etc from the server daily.
Have a look at portsentry and logcheck.

Quote:
Originally Posted by Hagforce
-I vould like to proteckt ssh etc from brute force.
http://www.howtoforge.com/preventing...with_denyhosts

Quote:
Originally Posted by Hagforce
What is the max e-mail size in postfix as standard, how tho change this.....
What's the output of
Code:
postconf -n | grep message_size_limit
and
Code:
postconf -d | grep message_size_limit
?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 20th March 2006, 17:04
Hagforce Hagforce is offline
Senior Member
 
Join Date: Feb 2006
Posts: 210
Thanks: 37
Thanked 1 Time in 1 Post
Default

The output of postconf -n | grep message_size_limit is nothing....
The output of postconf -d | grep message_size_limit is:
Code:
message_size_limit = 10240000
Thanks for the tisps on sequring the server...

Is this a guide that will work for me on fedora with portsentry and logcheck (keep in mind that I`m a noob)... http://www.falkotimme.com/howtos/chkrootkit_portsentry/
Should I also install Chkrootkit for "antivirus" or is there somting alse....


A few aditional questions...

-I see the server gives output on telnet...
Should i just shut down telnet....
I can`t think of anything I need it for?
It just gives away information on the software I`m running on my server, and gives the hacker a head start?
-Is there any online scanners for testing my server?
-Is there a limit for how many e-mail adresses one can have under one domain?

Thanks again for helping me out

Last edited by Hagforce; 20th March 2006 at 22:44.
Reply With Quote
  #4  
Old 21st March 2006, 00:26
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,749 Times in 2,579 Posts
Default

Quote:
Originally Posted by Hagforce
The output of postconf -n | grep message_size_limit is nothing....
The output of postconf -d | grep message_size_limit is:
Code:
message_size_limit = 10240000
IF you want to have another message_size_limit, run
Code:
postconf -e 'message_size_limit = 20480000'
, for example, and restart Postfix afterwards.

Quote:
Originally Posted by Hagforce
Is this a guide that will work for me on fedora with portsentry and logcheck (keep in mind that I`m a noob)... http://www.falkotimme.com/howtos/chkrootkit_portsentry/
It should work for you. But the version numbers have increased, this tutorial is a little bit old.

Quote:
Originally Posted by Hagforce
Should I also install Chkrootkit for "antivirus" or is there somting alse....
Have a look here: http://www.howtoforge.com/faq/1_38_en.html


Quote:
Originally Posted by Hagforce
-I see the server gives output on telnet...
Should i just shut down telnet....
I think you mean the telnet client, not the server. The telnet client is ok.

Quote:
Originally Posted by Hagforce
-Is there a limit for how many e-mail adresses one can have under one domain?
No.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 21st March 2006, 00:44
Hagforce Hagforce is offline
Senior Member
 
Join Date: Feb 2006
Posts: 210
Thanks: 37
Thanked 1 Time in 1 Post
Default

Quote:
I think you mean the telnet client, not the server. The telnet client is ok.
Yeh, I messed up


I mean the fackt that when I use a machine on the internet with a telnet client, and write "telnet myip 80" I get output on my webserver version "apache 2.0.54 (fedora)"

Same with main en other stuff.

Doesn`t these kind of feedbacks give hackers an advantage in knowing versions an system.
Reply With Quote
  #6  
Old 22nd March 2006, 23:23
Hagforce Hagforce is offline
Senior Member
 
Join Date: Feb 2006
Posts: 210
Thanks: 37
Thanked 1 Time in 1 Post
Default

I didn`t explain what I ment vell....

When I use a telnet client against port 80 at my server it replies
Code:
<address>Apache/2.0.54 (Fedora) Server at localhost Port 80</address>
And at port 25 it replys
Code:
www.domain.com ESMTP Postfix
Port 110
Code:
+OK AVG POP3 Proxy Server 7.1.371/7.1.385 [268.2.6/287]
Isn`t this usefull information for hackers?
Is it possible to make my server not reply on this....

Or I`m I making no sense now
Reply With Quote
  #7  
Old 22nd March 2006, 23:52
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 37,007
Thanks: 840
Thanked 5,651 Times in 4,461 Posts
Default

You can configure these services to not show version numbers, but i dont have the exact configuration directives at hand.

You may find these informations in the documentation and the man pages of the programs.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #8  
Old 23rd March 2006, 10:18
Hagforce Hagforce is offline
Senior Member
 
Join Date: Feb 2006
Posts: 210
Thanks: 37
Thanked 1 Time in 1 Post
Default

Ok...

Found it...

If anyone alse would like to do this:

SSH to your fedora box.
Code:
nano /etc/httpd/conf/httpd.conf
Type "ctrl+w" and search for "ServerSignature"
Edit this to ServerSignature off

You can also add "ServerTokens ProductOnly" in the line under to show only Apace, not version.

Type "crtl+x" and save your settings.
Restart Apache
Code:
/etc/init.d/httpd restart
Telnet etc to your box and check
This should mask server version and services.

Didn`t find anyting yet on postfix, dovecot, mysql, proftp and pop3....
Doesn`t seem like port 81 gives out any info

Last edited by Hagforce; 23rd March 2006 at 10:36.
Reply With Quote
  #9  
Old 24th March 2006, 12:48
Hagforce Hagforce is offline
Senior Member
 
Join Date: Feb 2006
Posts: 210
Thanks: 37
Thanked 1 Time in 1 Post
Default

After running postconf -e 'message_size_limit = 20480000'
I get:

Code:
[root@www ~]# postconf -d | grep message_size_limit
message_size_limit = 10240000
[root@www ~]# postconf -n | grep message_size_limit
message_size_limit = 20480000
Witch is outgoing/incoming
Reply With Quote
  #10  
Old 24th March 2006, 21:18
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,749 Times in 2,579 Posts
 
Default

Code:
postconf -d | grep message_size_limit prints
the default value,

Code:
postconf -n | grep message_size_limit
your current setting. So the latter prints what is currently effective.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 12:22.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.