Server > Services

[dayjahone]

I turned the firewall on in Server > Services. I went through the perfect setup, but is there anything I need to do before the server is secure?

Thanks.

[Ben]

Just a firewall does not make your server safe. it just helps preventing some layer 2/3 based attack vectors or at least reduce them.

There are things like weak passwords for ssh accounts, keeping your sw packages up2date e.g. in case of buffer overflow vulns allowing privilege escalations, weak webapps (like often upcoming bugs in several plugins for phpBB and others), etc.

As you can see there won't be a single switch to make your server safe (even ppl of them you could think they know what they do got hacked -> rh / fedora server break in, lately)

[dayjahone]

I guess what I'm asking...is a brand new installation of ISPConfig's prefect setup with the firewall on considered reasonably secure?

[falko]

Generally yes, but I'd also install fail2ban and disable root SSH logins.

[dayjahone]

I did apt-get install fail2ban, but do I need to do anything to configure it? Also, how do I disable root ssh logins? I'm guess that will mean I can't do anything remotely (outside of ISPConfig)?

Thanks.

[falko]

Quote:

Originally Posted by dayjahone

I did apt-get install fail2ban, but do I need to do anything to configure it?

http://www.howtoforge.com/fail2ban_debian_etch

Quote:

Originally Posted by dayjahone

Also, how do I disable root ssh logins? I'm guess that will mean I can't do anything remotely (outside of ISPConfig)?

Open /etc/ssh/sshd_config and set PermitRootLogin to no, then restart SSH.

Afterwards, you must log in as a normal user first (that user must of course have shell access!) and then type

Code:

su

to become root.