
RedhatSecurity

All of the following commands are run as root from an SSH session.

Updating the OS

  • yum update

Installing ClamAV

  • wget -q -O - http://www.atomicorp.com/installers/atomic |sh
  • yum install clamav
  • freshclam (this command updates the virus definitions; it should also be run from cron)
  • clamscan -i -r /var/www --log=/var/log/clamscan.log

  • To run the antivirus scan as a daily cron job, run crontab -e from your command line, then add the following line and save the file. A crontab edited with crontab -e has no user field; the job runs as the user who owns the crontab, here root.
    • 02 1 * * * clamscan -i -r /var/www
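
The daily scan from the cron step above, as an added example that is not part of the original page: a wrapper that uses clamscan's exit status (0 clean, 1 infected, any other value a scan error) to mail a report only when something needs attention. The script path and the SCAN_DIR, LOG_FILE and MAIL_TO defaults are assumptions.

```shell
#!/bin/sh
# Added example (not from the original page): daily ClamAV scan wrapper.
# Assumed install path: /usr/local/sbin/clamscan-daily.sh, scheduled with
#   02 1 * * * /usr/local/sbin/clamscan-daily.sh --run
# SCAN_DIR, LOG_FILE and MAIL_TO defaults are assumptions; adjust per site.
SCAN_DIR="${SCAN_DIR:-/var/www}"
LOG_FILE="${LOG_FILE:-/var/log/clamscan.log}"
MAIL_TO="${MAIL_TO:-mail@yourdomain.com}"
CLAMSCAN="${CLAMSCAN:-clamscan}"   # overridable so the logic can be tested

# Map clamscan's exit status to a verdict:
#   0 = no virus found, 1 = virus(es) found, anything else = scan error.
classify_status() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Run the scan (infected files only, recursive), log it, print the verdict.
run_scan() {
    scan_status=0
    "$CLAMSCAN" -i -r "$SCAN_DIR" --log="$LOG_FILE" >/dev/null 2>&1 || scan_status=$?
    classify_status "$scan_status"
}

# Mail the log tail only for "infected" or "error", so a clean night is silent
# and a broken scanner (missing binary, unreadable database) is not.
report() {
    [ "$1" = clean ] && return 0
    tail -n 50 "$LOG_FILE" 2>/dev/null |
        mail -s "ClamAV: $1 on $(uname -n)" "$MAIL_TO"
}

# Scan only when called with --run, so sourcing the file has no side effects.
if [ "${1:-}" = "--run" ]; then
    verdict="$(run_scan)"
    report "$verdict"
    [ "$verdict" = clean ]
fi
```

Treating every status other than 0 and 1 as an error means a missing clamscan binary or an unreadable signature database produces a mail instead of a silently skipped scan.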

Installing Rootkit Hunter

  1. wget http://garr.dl.sourceforge.net/sourceforge/rkhunter/rkhunter-1.3.4.tar.gz
  2. tar -zxvf rkhunter-1.3.4.tar.gz
  3. cd rkhunter-1.3.4
  4. ./installer.sh --layout default --install
  5. rkhunter -c
  6. vi /etc/cron.daily/rkhunter.sh and enter the following contents:
    #!/bin/bash
    (/usr/local/bin/rkhunter -c --cronjob 2>&1 | mail -s "Your Daily RKHunter Scan Report" mail@yourdomain.com)
    
  7. chmod +x /etc/cron.daily/rkhunter.sh

Scanning

Install Mod_Security on a Plesk Server (CentOS)

Install mod_security with yum. This module can prevent many problems for Apache, such as file injections and other attacks.

  1. wget -q -O - http://www.atomicorp.com/installers/atomic.sh | sh
  2. yum install mod_security

You can get the free Mod_Security rules.

  1. cd /etc/httpd/modsecurity.d/

Download rules:

  1. wget http://downloads.prometheus-group.com/delayed/rules/modsec-2.5-free-latest.tar.gz

Extract it:

  1. tar -zxvf modsec-2.5-free-latest.tar.gz

Note: Make sure that 00_asl_rbl.conf and 00_asl_whitelist.conf are uninstalled, renamed or deleted. You can disable any rules that you do not need or that cause problems. After you have finished your modifications, restart Apache.

  1. /etc/init.d/httpd restart

Adding multicast routing to Red Hat

  1. Add multicast routing: route add -net 224.0.0.0 netmask 240.0.0.0 dev eth0
  2. Optionally enable multicast ICMP: echo "0" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
Page last modified on April 27, 2010, at 12:50 PM