Results 1 to 2 of 2

Thread: My Securty

  1. #1
    Join Date
    May 2008
    Posts
    2

    Default My Securty

    Figured i'd share what i use for my security to help out my fellow admins here abouts.

    First of all i setup IPtables and use them to kill any attempts to bruteforce ssh. Depending on how anal you are the rules may vary, i suggest just googling ssh bruteforce iptables to find some examples.

    Secondly, and this one is important IMO, setup PortSentry. PortSentry allows you to appear to have many ports open, that are not there (all configurable based on which ports you really do have open). Then, once PortSentry is running if someone runs nmap on you, they get no useful information. Even further, when someone attempts to connect to the fake ports, they will be added to hosts.deny. This also means with more sophisticated scanners (or nmap configured to be more intrusive) they will trigger the block as well. The only negative is if your users go poking around they could screw themselves, but if they are not supposed to be on those ports everything should be working as planned.

  2. #2
    Join Date
    Dec 2007
    Posts
    1,141

    Default

    It sounds as though you are making security a priority - always a good idea.

    I have added SentryTools to our Security Best Practices guide on the VPSLink Wiki.

    If you would like to share your favorite PortSentry configuration, you are welcome to sign up and do so on our wiki.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •