«
»

The first thing which you have to notice if you want to make your Dedicated Server Hosting secured is the behavior of your server. You will have to check if their are some strange activities or say processes which are going on your server.

1) Check the resources of the server and also if the resources are affected in some or the other way.
2) You can check CPU usage by issuing top command. Look for applications/scripts that consume your CPU.

3) Check for strange processes with ps -awux command.

4) Check your /tmp directory and also your /var/tmp directory for scripts/binaries copied there.

5) Sometimes attackers use the server to host a IRC bot (like psybnc or eggdrop) that connects to port 6667. If any of your applications connect to that port you can check with sockstat:

#sockstat | grep 6667

6) If the server does not have much traffic on it then you can use netstat command to see if suspect connections are made.

#netstat -a

7) Also, you can install and run an rootkit finder application (for example /usr/ports/security/rkhunter) at regular period of times for better security.

8) Check your open ports with nmap. See if you have other open ports than the ones you use for running your services.

[Post to Twitter] Tweet This

This entry was posted by admin on March 6, 2009 at 2:11 am under Dedicated Server Hosting, Linux Dedicated server, dedicated servers. Tagged , , , . You can leave a response, or trackback from your own site. Follow any responses to this entry through the RSS 2.0 feed.

Leave a Reply