
Re: [LUG] Security considerations on internet facing VPS server

 

On 22/06/10 10:12, James Andrews wrote:
The problem with rkhunter or chkrootkit is that they can be fooled by a
compromised system.  Ideally they should be run when booting from a
different device to usual.
Although I have had "success" with chkrootkit, if that's the right word.
Tripwire is a quite good tool at this level of defense.
The aim is to stop the attacks before they get to this stage.  If
rkhunter finds anything then the only course of action is to reinstall
the entire system.
There are plenty of guides for "hardening" but I'm sure you understand
the basics: don't run anything you don't have to, tightly control
access, review all logs regularly.

Yep, that's what I was thinking. I figured if I installed it on a fresh install then hopefully it would pick anything up.

I'll do a bit more searching on hardening and see what I can find.

Rob

--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html