Server Security
Posted by mahatmanich on Server Fault
Published on 2010-04-14T13:20:36Z
I want to run my own root server (directly accessible from the web without a hardware firewall) with Debian lenny, apache2, php5, mysql, postfix MTA, sftp (based on ssh) and maybe a DNS server.
What measures/software would you recommend, and why, to secure this server down and minimize the attack vector? Web applications aside ...
This is what I have so far:
- iptables (for gen. packet filtering)
- fail2ban (brute force attack defense)
- ssh (change default port, disable root access)
- modsecurity - is really clumsy and a pain (any alternative here?)
- sudo? Why should I use it? What is the advantage over normal user handling?
- thinking about greensql for mysql www.greensql.net
- is tripwire worth looking at?
- snort?
What am I missing? What is hot and what is not? Best practices?
I like "KISS" -> Keep it simple secure, I know it would be nice!
Thanks in advance ...
© Server Fault or respective owner