Posted on 2013-4-15 22:27:06
Some server management companies I have used offered the following basic protections:
---------------------------------------------------------------------------------------------------------------------------------------------
CHKRootKit - a simple program that detects hacker software and notifies you if any has been detected via email
RootKit Hunter - scanning tool to ensure your system does not have any backdoors or exploits
Securing and Upgrading of SSH Server - increases security during ssh connections
APF or CSF Firewall - most commonly used policy based iptables firewall
Anti-DoS configuration - helps mitigate denial of service type attacks
Brute Force Detection - notifies you of numerous login authentication failures and automatically blocks the attacker's IP in the firewall
Log Analysis Software Installation - emails are dispatched daily; the amount of detail in the emails can be changed on request
System Integrity Monitor - 24x7 Internal Monitor that checks all services and restarts them if they are down
SPRI - changes the priority of different processes in accordance with their level of importance, hence increasing server performance
Secure and Optimize Apache (HTTP) - tweaks Apache to perform better, and prevents unnecessary information from being easily seen
MySQL optimization - increases performance of MySQL
host.conf hardening - prevents DNS lookup poisoning & spoofing
nsswitch.conf modification - secure and optimize DNS lookups
sysctl.conf hardening - helps protect the TCP/IP stack from SYN-flood attacks and other network abuses
FTP Hardening - upgrade and secure your FTP software
Removal of unused software - prevents exploits and wasted resources
Removal of old logs - regain wasted space by deleting old archived logs
Shell Fork Bomb/Memory Hog Protection - prevents a user logged into a shell from consuming all the resources on the server
Root Logger - logs and emails you every time someone accesses root, with the timestamp and their IP address
MyTOP - tool for monitoring MySQL threads and processes
MultiTail - view multiple log files simultaneously
TMP Directory hardening (/tmp, /var/tmp, /dev/shm) - helps prevent execution of malicious scripts
Password Scanner - scans for easy-to-guess and common passwords
Filemanager - allows you to edit system files through WHM in case SSH is inaccessible
Firewall Admin - allows you to edit firewall allow & deny list and config through WHM
Mod_Security - protects against common URL-based hack injections (installed upon specific request only)
Mod_Evasive - defends against HTTP-based attacks (installed upon specific request only)
PHP Tightening - tweaks PHP to run in a safer and restricted environment (installed upon specific request only)