Hi,
Some Tips:
- Apache:
- Enable only needed modules in Apache.
- Install mod_security, and run apache in a jail with
chroot.
- Fix all security bugs in Apache installation (see
Bugtraq).
- See modules like mod_access, mod_auth, mod_rewrite and
mod_ssl, may
help.
- MySQL:
- Be carefull with the databases/tables permissions. If
you run MySQL
in the same host than apache, you must run MySQL only in localhost.
- Use other user than root (Database Superuser), to
connect your
applications in php.
- Linux:
- Prevent root login in SSH.
- Change SSH port (default 22).
- Permit only SSHv2.
- Allow access by IP address (if possible).
- Allow access by user.
- Install and Configure SELinux, or another RBAC for
Linux Kernel.
- Install and Configure iptables. Set default police to
DROP, and set
your own polices.
- Install only needed package.
- Install security fix for Linux Distribution.
- Don't install X (you don't needed).
Regards,
Hécber Córdova
El dom, 27-02-2005 a las 18:04 -0800, Kurt Leum escribió:
> sorry to be so noob,
>
> A friend of mine set up a webserver:
> http://www.globalgamesearch.com
> problem is, he and I have no idea how to go about
> securing it;
> he started with SuSE Linux 9.1 with Apache 2.0, PHP
> 4.3.1, and MySQL out of the box and put it up.
>
> about half an hour ago, an intruder broke in, replaced
> SSHD with a back door, and pretty much screwed the
> system up.
>
> We're going to reinstall the system with minimal
> programs, extremely secure permissions and a basic
> firewall, but beyond that we have no clue what to do.
> Can anyone here please help me out on this?
> Thanks in advance for any help.
>
>
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Mail - Find what you need with new enhanced search.
> http://info.mail.yahoo.com/mail_250
Received on Mar 02 2005
Intro
