Security and RKHunter

Discussion in 'Installation/Configuration' started by MattJo., Jun 8, 2010.

  1. MattJo.

    MattJo. New Member


    So, in the RKHunter log page in ISPConfig I am seeing this:


    Data from: ????-??-?? ??:??

    No data about RKHunter available at the moment. Please check again later.
    I manually ran a scan from the CLI and expected it to update--and nothing.

    So, what prompted this is that I noticed that Fail2ban had banned several ssh login attempts from five different ip's in asia:eek:. I have since configured the NAT firewall to block all ssh logins attempts from all WAN ip's except mine.

    Are there any other suggestions to enhance security here--I am running the default install of ISPConfig 3.

    thanks in advance,


    PS: BTW, how common is this?
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    rkhunter is run automatically once a night by ispconfig. If you run it manually then you can only view the log on the shell and not in ispconfig.
  3. MattJo.

    MattJo. New Member

    Security Steps


    Thanks very much. Any other suggested/must-do security steps I should take, besides, checking the logs? I have limited SSH access to my IP's only. Would increasing the fail2ban time help?



Share This Page