What kind of server attacks should i be aware of nowadays

Posted by Saif Bechan on Server Fault See other posts from Server Fault or by Saif Bechan
Published on 2010-03-24T04:56:25Z Indexed on 2010/03/24 5:03 UTC
Read the original article Hit count: 294

Filed under:
|
|
|

I am recently running a web server, and there is a lot of information online, but it can all be a little confusing. I recently opened my logwatch logs and saw that i get attacked a lot by all sorts of bots.

Now I am interested in a list with things I definitely should be aware of nowadays, and possible ways to prevent them. I have read stories about server crashed by floods, crashed by email, and all sorts of crazy stuff.

Thing I already did:

  • I have recently blocked all my ports, except for the http and email ports.

  • I disabled IPv6, this was giving me a lot of named errors

  • I have turned on spam DNS blackhole lists to fight spam
    - sbl.spamhaus.org;
    - zen.spamhaus.org;
    - b.barracudacentral.org;

  • I installed and configured mod_security2 on apache

  • There is no remote access possible to my databases

That is all i did so far, further I am not aware of any other threats. I want to know if the following things have to be protects.

  • Can I be flooded by emails. How can i prevent this
  • Can there be a break in or flood of my databses
  • Are there things like http floods or whatever
  • Are there any other things i should know before i go public with my server

I also want to know if there is some kind of checklist with must-have security protections. I know the OWASP list for writing good web applications, is there something for configuring a server.

© Server Fault or respective owner

Related posts about server

Related posts about protection