Few Tips to on how to secure a VPS

Posted by at 23 October, at 16 : 20 PM Print

A) To disable Formmail in order to stop spam mails –

1) Command to find Mails –
find / -name “[Ff]orm[mM]ai*”

2) Command to find CGI mails –
find / -name “[Cc]giemai*”

3) To disable form mails –

chmod a-rwx /path/to/filename

this is will disable all the scripts.

B) Root kits should be installed –

– Set a root kit on a cron job, this will show if any one has hacked in the roots.
– Update the roots

1) Command to install chrootkit –

cd /root/
wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz
tar xvzf chkrootkit.tar.gz
cd chkrootkit-0.44

2) To run chkrootkit –

/root/chkrootkit-0.44/chkrootkit

C) Installation of a root breach detector and warning of any emails –

pico .bash_profile

At the end of the page –

Add,

echo ‘ALERT – Root Shell Access on:’ `date` `name` | mail -s “Alert: Root Access from `the person accessing | awk ‘{print $6}’`” self@mail.com

Thereafter save the changes

Exit.

2) To release an SSH message –

pico /etc/motd

thereafter enter the message

Save changes

Exit

D) Changes to be made in WHM/cpanel to secure server –

Log in to cpanel>Server setup>Tweak settings

a) Domains –

Prevent users from parking/adding domains.

b) Mail –

Prevent pop3 connections loading

c) System –

Jailshell should be used as a default shell for all the accounts.

d) Server setup>Tweak security
1) Enable php open_basedir Protection
2) Enable mod_userdir Protection

e) Server setup>Manage Wheel Group Users
1) Remove all other users except for root and main account users.

f) Server setup > Shell Fork Bomb Protection
1) Enable Shell Fork Bomb Protection

g) Service Configuration>FTP Configuration
1) Disable Anonymous FTP

h) Account Functions>Manage Shell Access
1) Disable shell access

I) Mysql>MySQL Root Password
1) Change root password

j) Security>Run Quick Security Scan>Trojan Horses –
1) The following are not Trojan –
/sbin/depmod
/sbin/insmod
/sbin/insmod.static
/sbin/modinfo
/sbin/modprobe
/sbin/rmmod

Be Sociable, Share!

Latest posts by shane (see all)

Comments

comments

Industry News Tutorials Web Hosting

Related Posts

Post Your Comment

You must be logged in to post a comment.