New connection limiting in the web server or via iptables would be good.
Also.. don't put your site on Google. :)
On 10/26/2010 11:16 AM, Damien Hull wrote:
> I've spent the past few days making sure I get the right info from my server
> and locking it down. Sending this to the list to see if anyone can poke
> holes in my thinking or add anything I've left out.
>
> 1. Ubuntu 10.04 server - Web server with Apache
> 2. Logwatch for daily email on log files
> 3. Logcheck for an hourly analysis of important log info
> 4. tripwire to make sure nothings been changed
> 5. portsentry to keep out the bad guys
> 6. keys for ssh login. No more password logins
>
> The next step is to configure iptables / netfilter to close unused ports. If
> anyone can think of anything I've left out let me know. I don't want to be
> the IT guy that let hackers break into my web server.
>
>
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
>
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Tue Oct 26 11:23:05 2010
This archive was generated by hypermail 2.1.8 : Tue Oct 26 2010 - 11:23:05 AKDT