What protections does a Linux server generally need?
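I only have SSH and web services open. On the web side I've set up anti-flood protection, and SSH uses a very strong password: 20 characters, with upper and lower case, special symbols and digits all in use. Apart from that I've basically made no other settings.
I'd like to know too; waiting for an expert.
All I know is to make the password more complex; I really don't know anything else.
Yeah, I feel the forum lacks articles on server security. It would be great if someone knowledgeable started a dedicated thread!
I don't remember. My impression is that Linux is mainly managed through files. My guess is it comes down to the permissions on some folder; as long as the root account is there, let them do whatever they want. At school I played with Windows services.
May I ask how you do the anti-flood protection on the web side?
All I've done so far is change the SSH port, require certificate login for SSH, and open only the needed ports in the firewall. Also pay attention to the site's upload function, to prevent malicious code from being uploaded.
Some server management companies I've used gave the following basic protections: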
---------------------------------------------------------------------------------------------------------------------------------------------
CHKRootKit - a simple program that detects hacker software and notifies you if any has been detected via email
RootKit Hunter - scanning tool to ensure your system does not have any backdoors or exploits
Securing and Upgrading of SSH Server - increases security during ssh connections
APF or CSF Firewall - most commonly used policy based iptables firewall
Anti-DoS configuration - helps mitigate denial of service type attacks
Brute Force Detection - notifies you of numerous login authentication failures and automatically blocks the attackers ip in the firewall
Log Analysis Software Installation - Emails are dispatched daily, the amount of detail in the emails can be changed on request
System Integrity Monitor - 24x7 Internal Monitor that checks all services and restarts them if they are down
SPRI - changes the priority of different processes in accordance to level of importance, hence increasing server performance
Secure and Optimize Apache (HTTP) - tweaks apache to perform better, and prevent unnecessary information from being easily seen
MySQL optimization - increases performance of MySQL
host.conf hardening - prevent dns lookup poisoning & spoofing protection
nsswitch.conf modification - secure and optimize DNS lookups
sysctl.conf hardening - helps prevent TCP/IP stack from syn-flood attacks and other network abuses
FTP Hardening - upgrade and secure your ftp software
Removal of unused software - prevents exploits and wasted resources
Removal of old logs - regain wasted space by deleting old archived logs
Shell Fork Bomb/Memory Hog Protection - prevents a user logged into a shell from consuming all the resources on the server
Root Logger - logs and emails you every time someone accesses root with the timestamp and their ip address
MyTOP - tool for monitoring MySQL threads and processes
MultiTail - view multiple log files simultaneously
TMP Directory hardening ( /tmp, /var/tmp, /dev/shm) - helps prevent execution of malicious scripts
Password Scanner - scans for easy to guess and common passwords
Filemanager - allows you to edit system files through WHM in case SSH is inaccessible
Firewall Admin - allows you to edit firewall allow & deny list and config through WHM
Mod_Security - protects against common url based hack injections (installed upon specific request only)
Mod_Evasive - defends http based attacks (installed upon specific request only)
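PHP Tightening - tweaks php to run in a safer and restricted environment (installed upon specific request only)
floor posted on 2013-4-15 21:48:
"May I ask how you do the anti-flood protection on the web side?
All I've done so far is change the SSH port, require certificate login for SSH, and open only the needed ports in the firewall. Also ..."
Anti-flood just means blocking IPs. I've currently blocked all mainland China IPs, a big chunk, more than 30 million of them.
enafull posted on 2013-4-15 22:44:
"Anti-flood just means blocking IPs. I've currently blocked all mainland China IPs, a big chunk, more than 30 million of them."
You can block by country directly...
Changing the SSH port is definitely a must.
河小马 posted on 2013-4-15 22:52:
"You can block by country directly..."
Blocking by country is exactly what I did, but the actual implementation still requires blocking IPs range by range.
满意沟通 posted on 2013-4-15 23:38:
"Changing the SSH port is definitely a must."
Changing the SSH port is useless, in my personal opinion: scan with a tool and every service your server has open is known. What matters is still a stronger password. In my humble opinion, at least 20 characters, upper and lower case + digits + special characters; without several years of effort, I doubt it could be cracked.
This IP has been scanning my SSH for a month; it's a bit scary. Apart from strengthening the password, there's no better way.
enafull posted on 2013-4-16 09:05:
"This IP has been scanning my SSH for a month; it's a bit scary. Apart from strengthening the password, there's no better way."
May I ask where you view this log?
Haha, I log in with a public key.
This way, even if someone knows the password, they can't log in; the private key is required.
Also, I use DDoS deflate for anti-flood protection.
The rest is just system monitoring :lol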