Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 30th July 2007, 05:58
llamy llamy is offline
Member
 
Join Date: Jun 2007
Posts: 80
Thanks: 3
Thanked 0 Times in 0 Posts
Default Securing an ISPConfig website

Hi,

I have Ispconfig installed as a firewall for the site i'm still working and not deployed yet at this time. I know that IspConfig ensures a very tight security to the site but with all the howto's i went through, i wonder if i'm missing an extra security mesure like :

mode_security according to this Falko howto:
http://www.howtoforge.com/apache_mod_security

or

snort and base According to this Edge howto:
http://www.howtoforge.com/intrusion_...ion_base_snort

or i think maybe that i'm missing a

security tool that will cop with Ispconfig and allow me to see, detect and take measures on realtime about attacks and intrusions.

Can you please guide me through. Thanks alot in advance.

Llamy.
Reply With Quote
Sponsored Links
  #2  
Old 30th July 2007, 09:36
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 35,473
Thanks: 813
Thanked 5,255 Times in 4,121 Posts
Default

You can combine these two howtos with ISPConfig. ISPConfig itself is a server configuration tool, not a security tool. Just install and configure the additional security software on your serverm it will not conflict with your ISPConfig installation.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 30th July 2007, 09:44
llamy llamy is offline
Member
 
Join Date: Jun 2007
Posts: 80
Thanks: 3
Thanked 0 Times in 0 Posts
Default Thanks Till

Thanks alot!
But i wonder if i there is anymore security measures i should take!

llamy.
Reply With Quote
  #4  
Old 30th July 2007, 09:49
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 35,473
Thanks: 813
Thanked 5,255 Times in 4,121 Posts
Default

Quote:
Originally Posted by llamy
Thanks alot!
But i wonder if i there is anymore security measures i should take!

llamy.
No, just make sure that you install all available updates for your linux distribution regularily and enable the ISPConfig firewall. Do not start unneeded services. If you used one of the perfect setup guides, your server should not run any unneeded services.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #5  
Old 30th July 2007, 10:10
llamy llamy is offline
Member
 
Join Date: Jun 2007
Posts: 80
Thanks: 3
Thanked 0 Times in 0 Posts
Default That will be it!

Yes i have followed the Fed Core 6 perfect setup and and also the LAMP server with IspConfig as a firewall on Fed Core 6 by Falko, and just left the basic configuration that come with IspConfig as it (about the ports scanning). I will just go ahead now and add the 2 howto 's above, Thanks again one more time Till for your help!.

Llamy.
Reply With Quote
  #6  
Old 30th July 2007, 11:14
edge edge is offline
Moderator
 
Join Date: Dec 2005
Location: The Netherlands
Posts: 2,033
Thanks: 261
Thanked 150 Times in 130 Posts
Default

One other nice extra option to add is PSAD (http://www.cipherdyne.com/psad/)

I've got it running on my Debian systems.
When a person does a port scan to one of my servers it's IP get blocked for a set time. (in my case for 10 minutes)
__________________
Never execute code written on a Friday or a Monday.
Reply With Quote
  #7  
Old 30th July 2007, 12:18
llamy llamy is offline
Member
 
Join Date: Jun 2007
Posts: 80
Thanks: 3
Thanked 0 Times in 0 Posts
Default Thanks Edge!

Thank you very much for that nice extra option tip, i have install both psad and fwsnort from http://www.cipherdyne.com as you mentionned and the installation was succesfull. So if i understand so far the doc, you have only one command line to see the attacks : psad --status and how did you set time to 10 min in psad.conf to block IPs. Thnks again.

Llamy.
Reply With Quote
  #8  
Old 30th July 2007, 14:10
edge edge is offline
Moderator
 
Join Date: Dec 2005
Location: The Netherlands
Posts: 2,033
Thanks: 261
Thanked 150 Times in 130 Posts
Default

It has been some time ago that I did the setup for psad, but all needed things are set within psad.conf

More info about the scan timeout here
__________________
Never execute code written on a Friday or a Monday.
Reply With Quote
  #9  
Old 31st July 2007, 05:46
llamy llamy is offline
Member
 
Join Date: Jun 2007
Posts: 80
Thanks: 3
Thanked 0 Times in 0 Posts
 
Default Thanks Edge

Hey man thank you for the link in your reply! I wil check it!

llamy.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
PHP not working in ISPConfig website FadeOUT Installation/Configuration 37 11th September 2007 15:07
Problems setting up website with Joomla and ISPconfig ikkem HOWTO-Related Questions 11 16th May 2007 10:33
Websites management with ISPConfig in fedora 6 razvan_vlad Installation/Configuration 1 3rd February 2007 09:25
FC4 Setup DNS and ISPCONFIG issues The General Installation/Configuration 7 15th May 2006 09:45
ISPConfig 2.3.1-dev released till General 0 8th May 2006 22:18


All times are GMT +2. The time now is 16:51.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.