What kind of server attacks should i be aware of nowadays
Posted
by Saif Bechan
on Server Fault
See other posts from Server Fault
or by Saif Bechan
Published on 2010-03-24T04:56:25Z
Indexed on
2010/03/24
5:03 UTC
Read the original article
Hit count: 294
I am recently running a web server, and there is a lot of information online, but it can all be a little confusing. I recently opened my logwatch logs and saw that i get attacked a lot by all sorts of bots.
Now I am interested in a list with things I definitely should be aware of nowadays, and possible ways to prevent them. I have read stories about server crashed by floods, crashed by email, and all sorts of crazy stuff.
Thing I already did:
I have recently blocked all my ports, except for the http and email ports.
I disabled IPv6, this was giving me a lot of named errors
I have turned on spam DNS blackhole lists to fight spam
- sbl.spamhaus.org;
- zen.spamhaus.org;
- b.barracudacentral.org;I installed and configured mod_security2 on apache
There is no remote access possible to my databases
That is all i did so far, further I am not aware of any other threats. I want to know if the following things have to be protects.
- Can I be flooded by emails. How can i prevent this
- Can there be a break in or flood of my databses
- Are there things like http floods or whatever
- Are there any other things i should know before i go public with my server
I also want to know if there is some kind of checklist with must-have security protections. I know the OWASP list for writing good web applications, is there something for configuring a server.
© Server Fault or respective owner