Hello all! I am almost ready to take my LAMP server live! I want to ensure I have everything as secure as I possibly can before hand, so here is my list (please let me know if I've overlooked anything): IPtables: I have configured this for ssh and http to be accessed from outside. Do I need to explicitly allow another port for sFTP or can it share a port with ssh? rkhunter, chkrootkit and rkdet: Are they necessary? From all I hear about the difficulty of these things in the wild makes me wonder how effective they are. Input or suggestions? fail2ban: I'm considering using this, although I've installed postfix to set up a mail server at some point, and from what I've heard the two don't mesh well. System Screening: I've been reading a lot about tiger. This seems to me a worth-while package. I'd like to hear from people who've used it with any feedback. Log Watch: I don't know which logs to really keep an eye on. Is this worth the install? I don't think there can be a replacement for looking the logs over manually. Is this a good choice or no? After that, I think I got most of my bases covered. It's almost time to toss up some simple pages and start looking for holes.