Server Security

CSF : It is the abbreviation of Config Server Security & Firewall. CSF is for configuring or managing your server firewall easily and simply. Here is some useful steps to Install , configure and uninstall csf on server with CentOS. Installation Process: SSH to your server and do the following steps as root user. Step 1: Downloading csf package. rm -fv …

Is there any log entries to find-out directly the total number of connections in server? In some high connection high load servers, this log would be helpful to monitor and tune the server with number of connections on it. We can simply sort out the total number of connections in a port by using the command netstat. There isn’t any …

Denial of service (DoS) attacks launch via SYN floods can be very problematic for servers that are not properly configured to handle them. Proper firewall filtering policies are certainly usually the first line of defense, however the Linux kernel can also be hardened against these types of attacks. This type of hardening is useful for SYN floods that attempt to …

Advanced Policy Firewall, or APF, is basically an interface to iptables, which is the standard interface to managing network ports on Linux machines. Interacting with iptables can be complex and error-prone, and APF greatly simplifies working with it. However, APF is still only accessible by ssh. There is no way to make changes in APF through WHM or cPanel. All of the APF configuration files are located in the /etc/apf folder …

Critical BASH vulnerability discovered – update BASH on your CentOS Linux server!!! ## Shellshock vulnerability ## Summary >> A critical code execution vulnerability (Remote) affecting bash (Unix shell) has been discovered on September 24, 2014. >> The vulnerability occurs because bash does not stop after processing the function definition; it continues to parse and execute shell commands following the function …

very serious security problem has been found in the Linux kernel. A 0-day local privilege escalation vulnerability has existed since 2012. This bug affects millions of Android or Linux applications to escalate privileges. Any server or desktop (32 or 64 bit) with Linux Kernel version 3.8+ is vulnerable. How do I fix this problem? The bug As per the original …

Overview rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with known good ones in online database, searching for default directories (of rootkits), wrong permissions, hidden files, suspicious strings in kernel modules, and special tests for Linux and FreeBSD. Instructions 1. Log into your …