get ;
1. fail2ban - it blocks failed login ips etc 2. get shorewall or any iptables front end and restrict ips to the ranges u need ( or even specific ips) 3. run ssh on a nonstandard port 4. good, long password
these steps will go a long way and will get u started.
----- Original Message ----
From: Mag Gam magawake@gmail.com To: CentOS mailing list centos@centos.org Sent: Sunday, June 28, 2009 3:21:25 AM Subject: [CentOS] server is always getting hacked
WE have a centos 5.3 install, and our server is keep getting hacked. We see load averages of 500+ and see people from all over the world logging into our server (used last).
Is there a good place to start to avoid these kinds of things?
For example, here is what I already did.
Open up sshd port only setup iptables to only accept port 80 and 22 No FTP No other ports are allowed according to IP Tables.
I am not sure what else measures I can take. Can someone please assist?
TIA _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos