BLOG HOME -  UK WEB HOSTING -  PHP MYSQL HOSTING -  RESELLER HOSTING -  eUKhost FORUMS -  VPS HOSTING

CONFIGSERVER FIREWALL!

November 29, 2006 at 11:47 am · Filed under Server Security

FIREWALL:
A simple plug-in appliance that stops spam at its entry point.A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.CSF:
configserverfirewall is an application for cpanel Server running on linux.(RH9, RHE3/4, CentOS3/4, Fedora Core 1/2/3/4/5.)
The csf provides comprehensive, straight-forward, easy and flexible way to configure and secure with more checks to ensure smooth operation.The csf checks the following,

* courier imap and pop3
* ssh
* non-ssl cpanel / whm / webmail (ssl cpanel/whm login tracking support available in EDGE release)

* pure-pftd
* password protected web pages (htpasswd)
* mod_security failures
* POP3/IMAP login tracking to enforce logins per hour
* SSH login notification
* Pre-configured to work on a cPanel server with all the standard cPanel ports open
* Auto-configures the SSH port if it’s non-standard on installation
* Block traffic on unused server IP addresses - helps reduce the risk to your server
* Alert when end-user scripts sending excessive emails per hour - for identifying spamming scripts
* Suspicious process reporting - reports potential exploits running on the Server

Installing CSF:
rm -fv csf.tgz
wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

If you would like to disable APF+BFD (which you will need to do if you have
them installed otherwise they will conflict horribly):

sh disable_apf_bfd.sh

That’s it. You can then configure csf and lfd in WHM, or edit the files
directly in /etc/csf/*

csf is preconfigured to work on a cPanel server with all the standard cPanel
ports open. It also auto-configures your SSH port if it’s non-standard on
installation.

You should ensure that kernel logging daemon (klogd) is enabled. Typically, VPS
servers have this disabled and you should check /etc/init.d/syslog and make
sure that any klogd lines are not commented out. If you change the file,
remember to restart syslog.

Uninstallation
==============
Removing csf and lfd is even more simple:

cd /etc/csf
sh uninstall.sh

digg this

« Difference Between “Hits” and “Visits”
Linux security document. »

This post is compiled by eUKhost.com

Leave a Comment

You must be logged in to post a comment.