#1  
Old 29th October 2009, 16:34
dclardy dclardy is offline
Senior Member
 
Join Date: Sep 2009
Location: Dallas, TX
Posts: 347
Thanks: 10
Thanked 47 Times in 28 Posts
Default Security Advice

I want to make sure that I have a secure server. I setup my ISPConfig 3.0 server using the HowTo: Perfect Server Debian Lenny. To this point, I have not had any problems.

Are there any other things that I can do to make it any more secure. I just want to be sure that I am as safe as possible.

-Drew
Reply With Quote
Sponsored Links
  #2  
Old 30th October 2009, 18:47
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

You can disable SSH password logins and use keys instead: http://www.howtoforge.com/ssh_key_based_logins_putty
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 30th October 2009, 20:26
dclardy dclardy is offline
Senior Member
 
Join Date: Sep 2009
Location: Dallas, TX
Posts: 347
Thanks: 10
Thanked 47 Times in 28 Posts
Default

Thanks for that suggestion. The only other thing that I am noticing is a lot of failed attempts to login to the FTP server.

I have tried to configure fail2ban, but I have never seen it block anything for the FTP server.

Is there a good tutorial on configuring fail2ban with Debian Lenny and ISPConfig 3.0?

Thanks.

-Drew
Reply With Quote
  #4  
Old 30th October 2009, 21:20
ivomendonca ivomendonca is offline
Banned
 
Join Date: Sep 2009
Posts: 132
Thanks: 10
Thanked 14 Times in 8 Posts
Default

Quote:
Originally Posted by dclardy View Post
Thanks for that suggestion. The only other thing that I am noticing is a lot of failed attempts to login to the FTP server.

I have tried to configure fail2ban, but I have never seen it block anything for the FTP server.

Is there a good tutorial on configuring fail2ban with Debian Lenny and ISPConfig 3.0?

Thanks.

-Drew
i think this will resolve your problem.
http://www.faqforge.com/linux/contro...k-connections/

try edit /etc/fail2ban/jail.conf to enable pureftpd
Reply With Quote
  #5  
Old 1st November 2009, 13:28
lano lano is offline
Member
 
Join Date: May 2007
Posts: 94
Thanks: 10
Thanked 8 Times in 7 Posts
Default

Quote:
Originally Posted by dclardy View Post
Thanks for that suggestion. The only other thing that I am noticing is a lot of failed attempts to login to the FTP server.

I have tried to configure fail2ban, but I have never seen it block anything for the FTP server.

Is there a good tutorial on configuring fail2ban with Debian Lenny and ISPConfig 3.0?

Thanks.

-Drew
In /etc/fail2ban/filter.d/pure-ftpd.conf make sure you have:
Code:
[Definition]

failregex = .*pure-ftpd: \(.*@<HOST>\) \[WARNING\] Authentication failed for user.*

ignoreregex =
In /etc/fail2ban/jail.local add following below ftp server :
Code:
[pureftpd]

enabled = true
port = ftp
filter = pure-ftpd
logpath = /var/log/syslog

maxretry = 3
Restart fail2ban and it should work.
Reply With Quote
  #6  
Old 1st November 2009, 20:46
dclardy dclardy is offline
Senior Member
 
Join Date: Sep 2009
Location: Dallas, TX
Posts: 347
Thanks: 10
Thanked 47 Times in 28 Posts
 
Default

Lano,

do you have the correct filters for the entire fail2ban configuration? I have tried falko's tutorial several times, but I always have an error and have to start over. The ones that give me problems are the SASL, POP3, and IMAP. Not sure if I have already mentioned this, but I am running Debian Lenny server with ISPConfig 3.0.1.6 from the tutorial on howtoforge.com.

Thanks for the help.

-Drew
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Unable to install ISPConfig bdonecker Installation/Configuration 21 26th May 2009 08:20
searching advice about setting up ISPconfig coolen General 5 4th November 2008 13:30
Questions...email, security etc. rabrol Installation/Configuration 4 13th November 2007 22:38
Security Error: Domain Name Mismatch cctex10 Installation/Configuration 6 2nd August 2007 14:07
SE linux problem when security context is modified raj123 Technical 1 28th June 2006 08:57


All times are GMT +2. The time now is 12:19.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.