Prev Previous Post   Next Post Next
  #1  
Old 2nd March 2010, 17:10
mnzava mnzava is offline
Member
 
Join Date: Aug 2007
Location: Dar es Salaam, Tanzania
Posts: 50
Thanks: 9
Thanked 0 Times in 0 Posts
Default ISPConfig 3 Security

Hi all,

I have managed to install ispconfig without any problem.

I was asked to run these commands to check server security by our old hosting company.

Code:
netstat -rn
lsof -i -n -P
iptables -L -n -v --line-numbers
iptables -L -n -v --line-numbers -t nat
These are the outputs.
netstat -rn
Code:
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.0.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
0.0.0.0         192.168.0.1     0.0.0.0         UG        0 0          0 eth0
lsof -i -n -P
Code:
COMMAND     PID          USER   FD   TYPE DEVICE SIZE NODE NAME
apache2    1460      www-data    3u  IPv4   8442       TCP *:80 (LISTEN)
apache2    1460      www-data    4u  IPv4   8444       TCP *:443 (LISTEN)
apache2    1460      www-data    5u  IPv4   8447       TCP *:8080 (LISTEN)
sshd       2286          root    3r  IPv4 459096       TCP 192.168.0.24:22->192.168.0.125:50229 (ESTABLISHED)
sshd       2315 administrator    3u  IPv4 459096       TCP 192.168.0.24:22->192.168.0.125:50229 (ESTABLISHED)
sshd       2345          root    3u  IPv4   5790       TCP *:22 (LISTEN)
sshd       2345          root    4u  IPv6   5793       TCP *:22 (LISTEN)
amavisd-n  2371        amavis    7u  IPv4   5861       TCP 127.0.0.1:10024 (LISTEN)
mysqld     2446         mysql   10u  IPv4   5951       TCP *:3306 (LISTEN)
spamd      2509          root    5u  IPv4   6131       TCP 127.0.0.1:783 (LISTEN)
couriertc  3068          root    3u  IPv6   7382       TCP *:143 (LISTEN)
couriertc  3098          root    3u  IPv6   7425       TCP *:993 (LISTEN)
couriertc  3121          root    3u  IPv6   7483       TCP *:110 (LISTEN)
couriertc  3149          root    3u  IPv6   7539       TCP *:995 (LISTEN)
mydns      3166        nobody    2u  IPv4   7702       UDP 127.0.0.1:53 
mydns      3166        nobody    3u  IPv4   7703       TCP 127.0.0.1:53 (LISTEN)
mydns      3166        nobody    4u  IPv4   7704       UDP 192.168.0.24:53 
mydns      3166        nobody    5u  IPv4   7705       TCP 192.168.0.24:53 (LISTEN)
mydns      3166        nobody    6u  IPv6   7706       UDP [::1]:53 
mydns      3166        nobody    7u  IPv6   7707       TCP [::1]:53 (LISTEN)
mydns      3169        nobody    2u  IPv4   7702       UDP 127.0.0.1:53 
mydns      3169        nobody    3u  IPv4   7703       TCP 127.0.0.1:53 (LISTEN)
mydns      3169        nobody    4u  IPv4   7704       UDP 192.168.0.24:53 
mydns      3169        nobody    5u  IPv4   7705       TCP 192.168.0.24:53 (LISTEN)
mydns      3169        nobody    6u  IPv6   7706       UDP [::1]:53 
mydns      3169        nobody    7u  IPv6   7707       TCP [::1]:53 (LISTEN)
master     3267          root   12u  IPv4   7953       TCP *:25 (LISTEN)
master     3267          root  106u  IPv4   8086       TCP 127.0.0.1:10025 (LISTEN)
pure-ftpd  3281          root    4u  IPv4   8113       TCP *:21 (LISTEN)
pure-ftpd  3281          root    5u  IPv6   8115       TCP *:21 (LISTEN)
ntpd       3332           ntp   16u  IPv4   8257       UDP *:123 
ntpd       3332           ntp   17u  IPv6   8258       UDP *:123 
ntpd       3332           ntp   18u  IPv6   8263       UDP [fe80::21e:c9ff:fee5:c538]:123 
ntpd       3332           ntp   19u  IPv6   8264       UDP [::1]:123 
ntpd       3332           ntp   20u  IPv4   8265       UDP 127.0.0.1:123 
ntpd       3332           ntp   21u  IPv4   8266       UDP 192.168.0.24:123 
apache2    3429          root    3u  IPv4   8442       TCP *:80 (LISTEN)
apache2    3429          root    4u  IPv4   8444       TCP *:443 (LISTEN)
apache2    3429          root    5u  IPv4   8447       TCP *:8080 (LISTEN)
amavisd-n  3510        amavis    7u  IPv4   5861       TCP 127.0.0.1:10024 (LISTEN)
amavisd-n  3510        amavis   16u  IPv4 332340       TCP 127.0.0.1:50560->127.0.0.1:10025 (CLOSE_WAIT)
amavisd-n  3511        amavis    7u  IPv4   5861       TCP 127.0.0.1:10024 (LISTEN)
spamd      3512          root    5u  IPv4   6131       TCP 127.0.0.1:783 (LISTEN)
spamd      3513          root    5u  IPv4   6131       TCP 127.0.0.1:783 (LISTEN)
apache2   31752      www-data    3u  IPv4   8442       TCP *:80 (LISTEN)
apache2   31752      www-data    4u  IPv4   8444       TCP *:443 (LISTEN)
apache2   31752      www-data    5u  IPv4   8447       TCP *:8080 (LISTEN)
apache2   31754      www-data    3u  IPv4   8442       TCP *:80 (LISTEN)
apache2   31754      www-data    4u  IPv4   8444       TCP *:443 (LISTEN)
apache2   31754      www-data    5u  IPv4   8447       TCP *:8080 (LISTEN)
apache2   31755      www-data    3u  IPv4   8442       TCP *:80 (LISTEN)
apache2   31755      www-data    4u  IPv4   8444       TCP *:443 (LISTEN)
apache2   31755      www-data    5u  IPv4   8447       TCP *:8080 (LISTEN)
apache2   31756      www-data    3u  IPv4   8442       TCP *:80 (LISTEN)
apache2   31756      www-data    4u  IPv4   8444       TCP *:443 (LISTEN)
apache2   31756      www-data    5u  IPv4   8447       TCP *:8080 (LISTEN)
apache2   31757      www-data    3u  IPv4   8442       TCP *:80 (LISTEN)
apache2   31757      www-data    4u  IPv4   8444       TCP *:443 (LISTEN)
apache2   31757      www-data    5u  IPv4   8447       TCP *:8080 (LISTEN)
apache2   31758      www-data    3u  IPv4   8442       TCP *:80 (LISTEN)
apache2   31758      www-data    4u  IPv4   8444       TCP *:443 (LISTEN)
apache2   31758      www-data    5u  IPv4   8447       TCP *:8080 (LISTEN)
iptables -L -n -v --line-numbers
Code:
Chain INPUT (policy ACCEPT 129K packets, 13M bytes)
num   pkts bytes target     prot opt in     out     source               destination         
1      538 39658 fail2ban-ssh  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           multiport dports 22 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 21139 packets, 1761K bytes)
num   pkts bytes target     prot opt in     out     source               destination         

Chain fail2ban-ssh (1 references)
num   pkts bytes target     prot opt in     out     source               destination         
1      538 39658 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0
iptables -L -n -v --line-numbers -t nat

Code:
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination
Now can someone tell me if there is any security issue on the output of these commands? If there is any issues. which service should i stop or what should i do to solve? regards.

am asking this so that i can understand this system much better. i've been using it for six months now. and it seems very good. but i've never tested it's security side.

i want to defend this to be used on our school.

Thanks in advance?
Reply With Quote
Sponsored Links
 

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPConfig PHP Security exabytes18 General 4 20th June 2009 13:02
Unable to install ISPConfig bdonecker Installation/Configuration 21 26th May 2009 09:20
ispconfig 3 + mysql security for virtual user paswords Teddy_2009 General 1 6th May 2009 20:00
ISPConfig 3.0.0.4 Beta Released till General 54 4th March 2009 10:55
What Ispconfig skill sets should I learn. slamb General 1 1st November 2007 12:45


All times are GMT +2. The time now is 03:51.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.