Security Basics mailing list archives

Re: securing linux webserver?

From: Hecber Cordova <hecber () gmail com>
Date: Tue, 01 Mar 2005 14:13:56 -0400

        Hi,

        Some Tips:

        - Apache:
                - Enable only needed modules in Apache.
                - Install mod_security, and run apache in a jail with
chroot.
                - Fix all security bugs in Apache installation (see
Bugtraq).
                - See modules like mod_access, mod_auth, mod_rewrite and
mod_ssl, may
help.
        - MySQL:
                - Be carefull with the databases/tables permissions. If
you run MySQL
in the same host than apache, you must run MySQL only in localhost.
                - Use other user than root (Database Superuser), to
connect your
applications in php.
        - Linux:
                - Prevent root login in SSH.
                - Change SSH port (default 22).
                - Permit only SSHv2.
                - Allow access by IP address (if possible).
                - Allow access by user.
                - Install and Configure SELinux, or another RBAC for
Linux Kernel.
                - Install and Configure iptables. Set default police to
DROP, and set
your own polices.
                - Install only needed package.
                - Install security fix for Linux Distribution.
                - Don't install X (you don't needed).


        Regards,

        Hécber Córdova

El dom, 27-02-2005 a las 18:04 -0800, Kurt Leum escribió:

sorry to be so noob,

A friend of mine set up a webserver:
http://www.globalgamesearch.com
problem is, he and I have no idea how to go about
securing it;
he started with SuSE Linux 9.1 with Apache 2.0, PHP
4.3.1, and MySQL out of the box and put it up.

about half an hour ago, an intruder broke in, replaced
SSHD with a back door, and pretty much screwed the
system up.

We're going to reinstall the system with minimal
programs, extremely secure permissions and a basic
firewall, but beyond that we have no clue what to do. 
Can anyone here please help me out on this? 
Thanks in advance for any help.


              
__________________________________ 
Do you Yahoo!? 
Yahoo! Mail - Find what you need with new enhanced search.
http://info.mail.yahoo.com/mail_250

Current thread:

securing linux webserver? Kurt Leum (Feb 28)
- Re: securing linux webserver? Alejandro Flores (Mar 01)
- Re: securing linux webserver? John Doe (Mar 01)
  - Re: securing linux webserver? Aman Raheja (Mar 01)
    - Re: securing linux webserver? Hamish Stanaway (Mar 03)
  - Re: securing linux webserver? Eduardo Kienetz (Mar 01)
    - Re: securing linux webserver? AragonX (Mar 02)
  - Re: securing linux webserver? xyberpix (Mar 01)
- Re: securing linux webserver? Hecber Cordova (Mar 01)
  - Re: securing linux webserver? Marco (Mar 01)
- Re: securing linux webserver? Hecber Cordova (Mar 02)
- Re: securing linux webserver? David Glosser (Mar 03)
- <Possible follow-ups>
- Re: securing linux webserver? Ivan Coric (Mar 01)
- RE: securing linux webserver? Smith, Ryan (Mar 01)
- Re: securing linux webserver? Kurt Leum (Mar 02)