Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > General > Big Board Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
Securing Your Server? Details »»
Securing Your Server?
Version: , by AdminNation AdminNation is offline
Developer Last Online: Jan 2008 Show Printable Version Email this Page

Version: Unknown Rating:
Released: 03-12-2006 Last Update: Never Installs: 0
 
No support by the author.

In the past week or so we've had countless attempts at people trying to hack into our sever, most noteably when somebody tried to get FTP access to corrupt files, but made sure to spoof an admin IP so it would go unnoticed. So, as you can imagine, we're starting to get a bit paranoid. Aside from install most of the 3.5.2-4 security hacks on this board (which was already somewhat planned), what else can be done in terms of server configuration, software, firewall settings, ect to help better secure our box?

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #2  
Old 03-12-2006, 03:30 AM
Trigunflame's Avatar
Trigunflame Trigunflame is offline
 
Join Date: Aug 2002
Posts: 742
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by AdminNation
In the past week or so we've had countless attempts at people trying to hack into our sever, most noteably when somebody tried to get FTP access to corrupt files, but made sure to spoof an admin IP so it would go unnoticed. So, as you can imagine, we're starting to get a bit paranoid. Aside from install most of the 3.5.2-4 security hacks on this board (which was already somewhat planned), what else can be done in terms of server configuration, software, firewall settings, ect to help better secure our box?
Lockdown php with open_basedir for PHP stuff.
Server side, compile a monolithic kernel with grsec, preferably a 2.6.x build.
As for FTP server, it depends which you are using and if its chrooted or not.
Chroot your nameserver, webserver, and FTP if its not already along with any other public services.
Firewall settings are going to be geared mainly towards deflecting illegitimate traffic, that being udp floods, tcp connections, concurrent request etc..
Prevent direct root login, make sure you have to login as a system user first then su- to root; also change SSH to a higher level port thats not currently in use, possibly change ftp to another port as well.
Reply With Quote
  #3  
Old 03-12-2006, 03:58 AM
turkforum turkforum is offline
 
Join Date: Oct 2004
Posts: 88
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I do Close all unnecessary ports. Update the server every day. Check the Logs. let my mods change their pass every month or week (admins). And still looking for a nice firewall for a windows machine.
Reply With Quote
  #4  
Old 03-12-2006, 10:17 AM
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Location: Nottingham, UK
Posts: 23,748
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by turkforum
And still looking for a nice firewall for a windows machine.
Have you tried Winroute Pro ?
Reply With Quote
  #5  
Old 03-12-2006, 05:59 PM
cirisme cirisme is offline
 
Join Date: Jan 2003
Posts: 136
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I use DenyHosts to help in the security fight.
Reply With Quote
  #6  
Old 03-13-2006, 10:02 PM
who is chris c who is chris c is offline
 
Join Date: Sep 2005
Posts: 46
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

also you can move ftpd to a secureftpd (data encryption)
Reply With Quote
  #7  
Old 03-13-2006, 10:29 PM
Erwin's Avatar
Erwin Erwin is offline
 
Join Date: Jan 2002
Posts: 7,604
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Don't use ftp - close that port, and use only ssh2.
Reply With Quote
  #8  
Old 03-19-2006, 11:47 AM
GrCh_Jeff's Avatar
GrCh_Jeff GrCh_Jeff is offline
 
Join Date: Dec 2005
Posts: 68
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Erwin
Don't use ftp - close that port, and use only ssh2.
is that like ftp?
Reply With Quote
  #9  
Old 03-21-2006, 12:21 AM
who is chris c who is chris c is offline
 
Join Date: Sep 2005
Posts: 46
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

ssh is an encrypted telnet protocol:

Ssh2 (Secure Shell) is a program for logging in on a remote machine and
executing commands on a remote machine. It is intended to replace rlogin
and rsh, and provide secure, encrypted communication channels between two
hosts over an insecure network. X11 connections and arbitrary TCP/IP ports
can also be forwarded over such secure channels.
Reply With Quote
  #10  
Old 03-21-2006, 03:28 AM
mikeylikesitz's Avatar
mikeylikesitz mikeylikesitz is offline
 
Join Date: Apr 2002
Posts: 180
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

and for those of you who dont know about winscp, it is a great windows based ssh transfer program.

http://winscp.net/eng/docs/introduction

i dont use ftp at all on my server, only ssh on a higher port and this program.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 02:29 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.08003 seconds
  • Memory Usage 2,287KB
  • Queries Executed 23 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (3)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (9)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete