How do I permit specific users SSH access?

We will be primarily working with one configuration file in this article: OpenSSH – /etc/ssh/sshd_config. OpenSSH: For locking down which users may or may not access the server, you will want to look into one or more of the following directives: User/Group Based Access: AllowGroups. This keyword can be followed by a list of group…

Chrootkit help

SSH as admin to your server. DO NOT use telnet; it should be disabled anyway. #Change to root su - #Type the following wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz # Check the MD5 SUM of the download for security: ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.md5 md5sum chkrootkit.tar.gz #Unpack the tarball using the command tar xvzf chkrootkit.tar.gz #Change to the directory it created cd chkrootkit*…

Rootkit help

RootKit — Spyware and Junkware detection and removal tool. Go to the Rootkit Hunter homepage and download the latest release. http://www.rootkit.nl/projects/rootkit_hunter.html ## Get the latest source and untar # cd /usr/src/utils # wget http://downloads.rootkit.nl/rkhunter-<version>.tar.gz # tar xfz rkhunter-*.gz # cd rkhunter # ./installer.sh ## run rkhunter # rkhunter -c Set up automatic protection on System Reboot ##…

URL injections information

URL injection attacks typically mean that the server to which the attacker's IP address is bound is itself a compromised server. Please check the server behind the IP address above for suspicious files in /tmp, /var/tmp, /dev/shm, along with checking the process tree (ps -efl or ps -auwx). You may also want to check out http://www.chkrootkit.org/…

Securing the TMP Partition and Tracking Hacks

Are your temp partitions putting out behind your back? Anyone who’s ever administered a Linux server would know the risk of leaving the /tmp directory unsecured, more so on a webserver that is shared among multiple websites. The tmp directory is world-writeable and used by a majority of services on a machine — including the storage…

Installing IonCube loader with Zend Optimizer – cPanel

Installing Ioncube is a common request we get. It’s generally not an issue, but when you factor in other optimization plugins like Zend and eAccelerator, a common misconception is that the three don’t get along. It’s very easy to install Ioncube into a PHP installation that already has Zend and eAccelerator.…

Preventing DDOS Attacks with Mod_Evasive

Denial of Service attacks are among the oldest yet most common forms of attacking a server. Most system administrators have had to deal with DOS attacks taking down a server, router, or other networking device and know how difficult they can be to prevent. Mod_evasive is an Apache module that limits the number of Apache…