Jump to content

server security question

Luis Manson

Recommended Posts

Luis Manson Collaborator

Luis Manson

Posted
Posted

Hello, i have a mad user threating me with hacking the server with DoS, sql injection and all the mambo jumbo... im not THAT scared, but i think its time to take security seriously, would you share what you have on your server to protect against all this?

im using mostly iptables and limit services connection to certain addresses

thanks!

Link to comment
Share on other sites
Grumpy Apprentice

Grumpy

Posted
Posted

If you know who... u can report to the police. lol
pwn in real life is always more effective. ^^

--------------
With truly heavy ddos, there's frankly little you can do to combat it than throw lots of money at it. And I mean LOTS...
With dos, often just IP ban is sufficient. You can even ask your hosting provider to have that IP banned at network level.
With sql injection, you can cross your fingers that IPB did the job.
With xss attacks, you can cross your fingers that IPB did the job.
With random unwanted connections, you can use iptables for a strict settings and/or opt for something more well controlled like configserverfirewall (CSF).
With worries that you may already be at a problem, things like fail2ban, rootkit hunter, etc may be useful.
With system settings... well... hire a sysadmin. Not exactly a one liner.

Link to comment
Share on other sites
Luis Manson Collaborator

Luis Manson

Posted
  • Author
Posted

He's likely a skiddy who at best would try and LOIC you from his home network.



I wouldn't take the threat seriously, honestly. Google can show you some ways to defend and deter DoS attacks if you're worried though.




The problem with that is that even if he is just playing with me i cant know for sure

It was not easy to google LOIC, i tought it was something space related with that name and ignored the search results LOL


iirc you're running varnish right?


supposed to help and the attackers get served from cache.



blocked a lot of crap automatically using CSF myself.




Yes, i have varnish :) sadly it cant limit requests :(

CSF: http://configserver.com/cp/csf.html ?


Gary installed Fail2Ban and Rootkit Hunter for me and I feel safer.




i have them :)

If you know who... u can report to the police. lol


pwn in real life is always more effective. ^^



--------------


With truly heavy ddos, there's frankly little you can do to combat it than throw lots of money at it. And I mean LOTS...


With dos, often just IP ban is sufficient. You can even ask your hosting provider to have that IP banned at network level.


With sql injection, you can cross your fingers that IPB did the job.


With xss attacks, you can cross your fingers that IPB did the job.


With random unwanted connections, you can use iptables for a strict settings and/or opt for something more well controlled like configserverfirewall (CSF).


With worries that you may already be at a problem, things like fail2ban, rootkit hunter, etc may be useful.


With system settings... well... hire a sysadmin. Not exactly a one liner.




Report to the police here? it would be easier to get his address and send some nice guys


i will give CSF a try!
Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Invision Community © 2024 IPS, Inc.
×
×
  • Create New...