[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
AW: [cobalt-users] Security Programs
- Subject: AW: [cobalt-users] Security Programs
- From: "Steve" <smuecke@xxxxxxxxxxxxx>
- Date: Fri Mar 9 13:24:56 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
> >I have been hacked 2-3 times this month. I'm getting realy tired of this
> and
> >wonder if there is any good software that can help me. Please let me now
> the
> >best and cheapest programs to a Cobalt RAQ3-4 Server. The
> program I asking
> >for is like trojan finder, monitoring, portsecuring etc. Please let me
> know!
>
> PortSentry and LogCheck from Psionic.com are a good start, and relatively
> easy to install and run.
> http://www.psionic.com has both.
>
> For Trojans, try Chkrootkit:
> http://www.chkrootkit.org
>
> ipchains is another good firewall-type thingie:
> http://www.europe.redhat.com/documentation/HOWTO/IPCHAINS-HOWTO.php3
>
> Other firewall/real time packet checking thingies:
> Snort: http://www.snort.org
> TripWire: http://www.tripwire.com
>
> Someone was saying that one of the web stats packages had a security suite
> in it, but I can't remember the name...
>
> These are all the packages I've heard mentioned that I can
> remember. I hope
> this helps!
>
> -Dee Dreslough
> (Who also got hacked and has been reading with interest about all the new
> security 'thingies' being mentioned in here. :) )
I think protecting your server by programs is one thing, but does it improve
the security of a server if you let it only be root-accessed by SSH from a
single IP? What do you think of that and has anyone tried that yet?
steve