Chat with us, powered by LiveChat
How to check your Web Server security?

How to check your Web Server security?

Sometimes actions performed by the attacker on the server may affect its functionality. So its always advisable to check server’s security to avoid attack on the server. Always check the resources of server which might be affected.

You can check the CPU usage by firing top command and look for the application or scripts that consume your CPU

For strange processes you can check with ps -awux command.

Check /tmp directory and /var/tmp directory for scripts and binaries copied there.

The attacker might use the server to host IRC bot like psybnc or eggdrop which connects to port 6667 when a server is compromised . You can if any of your applications connect to that port with sockstat:

#sockstat | grep 6667

If there’s not much traffic on your server you could use netstat command to see if suspect connections are made.

#netstat -a

Install and run regularly an rootkit finder application (for e.g /usr/ports/security/rkhunter).

Look for the other open ports that you run other than the ones you use for your running services.

Latest posts by John (see all)

Sharing

1 Comments

  1. paul

    Well I think also one should take care of server hardening/server anonymization part that may help to defeat the majority of attackers.

Leave your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.