Optimized CSF LFD to miminize false positive emails on new install? Centos6.2 + ISPConfig3
Posted
by
Damainman
on Server Fault
See other posts from Server Fault
or by Damainman
Published on 2012-06-05T20:21:01Z
Indexed on
2012/06/05
22:42 UTC
Read the original article
Hit count: 525
I have a remote dedicated server running CentOS 6.2 x64bit with ISPConfig3. This is a brand new install.
Server Purpose: Basic LAMP Web Hosting with PureFTPD, BIND, CLAMAV, RKHunter.
Any advice or link to a guide which will clearly explain how to optimize the CSF+LFD configuration is greatly appreciated. I am not exactly sure on where to start what I shouldn't loosen the restrictions on.
At the moment my inbox is flooding with alerts from LFD such as:
- Suspicious process running under user postfix
- Excessive resource usage: haldaemon
- Account: haldaemon
- Resource: Process Time
- Exceeded: 1823 > 1800 (seconds)
- Executable: /usr/sbin/hald
- Command Line: hald
- PID: 1031
- Killed: No
- Excessive resource usage: amavis
- Time: Tue Jun 5 12:43:35 2012 -0700
- Account: amavis
- Resource: Virtual Memory Size
- Exceeded: 330 > 200 (MB)
- Executable: /usr/bin/perl
- Command Line: amavisd (virgin child)
- PID: 27931
- Killed: No
- Excessive resource usage: apache
- Time: Tue Jun 5 12:35:33 2012 -0700
- Account: apache
- Resource: Virtual Memory Size
- Exceeded: 437 > 200 (MB)
- Executable: /usr/sbin/httpd
- Command Line: /usr/sbin/httpd
- PID: 27286
- Killed: No
© Server Fault or respective owner