Tuesday , 24 January 2017
Home » Server Security

Server Security

Install and Configure CSF (Config Server Firewall) on CentOS/Cpanel

CSF : It is the abbreviation of Config Server Security & Firewall. CSF is for configuring or managing your server firewall easily and simply. Here is some useful steps to Install , configure and uninstall csf on server with CentOS. Installation Process: SSH to your server and do the following steps as root user. Step 1: Downloading csf package. rm -fv …

Read More »

Log the Total Number of Connections to a Port From an IP Address

Is there any log entries to find-out directly the total number of connections in server? In some high connection high load servers, this log would be helpful to monitor and tune the server with number of connections on it. We can simply sort out the total number of connections in a port by using the command netstat. There isn’t any …

Read More »

Hardening your TCP/IP Stack Against SYN Floods

Denial of service (DoS) attacks launch via SYN floods can be very problematic for servers that are not properly configured to handle them. Proper firewall filtering policies are certainly usually the first line of defense, however the Linux kernel can also be hardened against these types of attacks. This type of hardening is useful for SYN floods that attempt to …

Read More »

How To Install APF Firewall on Cpanel

Advanced Policy Firewall, or APF, is basically an interface to iptables, which is the standard interface to managing network ports on Linux machines. Interacting with iptables can be complex and error-prone, and APF greatly simplifies working with it. However, APF is still only accessible by ssh. There is no way to make changes in APF through WHM or cPanel. All of the APF configuration files are located in the /etc/apf folder …

Read More »

CVE-2014-6271 – Critical BASH vulnerability discovered (Shellshock)

Critical BASH vulnerability discovered – update BASH on your CentOS Linux server!!! ## Shellshock vulnerability ## Summary >> A critical code execution vulnerability (Remote) affecting bash (Unix shell) has been discovered on September 24, 2014. >> The vulnerability occurs because bash does not stop after processing the function definition; it continues to parse and execute shell commands following the function …

Read More »

Install Rkhunter

Overview rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with known good ones in online database, searching for default directories (of rootkits), wrong permissions, hidden files, suspicious strings in kernel modules, and special tests for Linux and FreeBSD. Instructions 1. Log into your …

Read More »