What kind of server attacks should I be aware of nowadays?
- by Saif Bechan
I recently started running a web server, and there is a lot of information online, but it can all be a little confusing. I recently opened my logwatch logs and saw that I get attacked a lot by all sorts of bots.
Now I am interested in a list of things I definitely should be aware of nowadays, and possible ways to prevent them. I have read stories about servers crashed by floods, crashed by email, and all sorts of crazy stuff.
Things I already did:
- I have recently blocked all my ports, except for the HTTP and email ports.
- I disabled IPv6; this was giving me a lot of named errors.
- I have turned on spam DNS blackhole lists to fight spam:
  - sbl.spamhaus.org;
  - zen.spamhaus.org;
  - b.barracudacentral.org;
- I installed and configured mod_security2 on Apache.
- There is no remote access possible to my databases.
That is all I did so far; beyond that, I am not aware of any other threats. I want to know if the following things have to be protected:
- Can I be flooded by emails? How can I prevent this?
- Can there be a break-in or flood of my databases?
- Are there things like HTTP floods or whatever?
- Are there any other things I should know before I go public with my server?

I also want to know if there is some kind of checklist with must-have security protections. I know the OWASP list for writing good web applications; is there something for configuring a server?