[CentOS] server is always getting hacked

Mag Gam magawake at gmail.com
Sat Jun 27 19:21:25 UTC 2009


WE have a centos 5.3 install, and our server is keep getting hacked.
We see load averages of 500+ and see people from all over the world
logging into our server (used last).

Is there a good place to start to avoid these kinds of things?

For example, here is what I already did.

Open up sshd port only
setup iptables to only accept port 80 and 22
No FTP
No other ports are allowed according to IP Tables.


I am not sure what else measures I can take. Can someone please assist?

TIA



More information about the CentOS mailing list