£49/server
Check Server Security
CHKRootKit : Detects hacker software and notifies via email
RootKit Hunter: A utility that checks the server for backdoors and harmful malware.
APF or CSF: A policy-based iptables firewall solution for simple iptables rule setting.
SSH Securing: For a better security of ssh connections.
Host.conf Hardening: IP spoofing and DNS poisoning are prevented.
Sysctl.conf Hardening: Defends against syn-flood assaults and other network abuses.
FTP Hardening: Secure FTP software by upgrading to latest version
TMP Hardening: Hardening /tmp, /var/tmp, /dev/shm for preventing the execution of malicious scripts and codes.
PHP Tightening: Tweak PHP by changing the parameters of php configuration for better security and performance.
PHP Upgrade: Compile PHP to its latest stable version which increases server security.
Shell Fork Bomb/Memory Hog Protection: Security against Telnet/SSH users consuming all server resources and causing a system crash.
Update Control Panel to latest version
Install Logwatch for investigating any suspicious activity on the server
Turn off unused services and daemons
Disabling Chargen to prevent an attacker from abusing the server in order to interrupt another server
Symlink Protection
Kernel Hardening
Crontab Hardening
MySQL Hardening
£61/server
Check Server Security
CHKRootKit : Detects hacker software and notifies via email
RootKit Hunter: A tool which scans for backdoors and malicious softwares present in the server.
APF or CSF: A policy-based iptables firewall solution for simple iptables rule setting.
SSH Securing: For a better security of ssh connections.
Host.conf Hardening: Prevents IP spoofing and dns poisoning
Sysctl.conf Hardening: Defends against syn-flood assaults and other network abuses.
FTP Hardening: Secure FTP software by upgrading to latest version
TMP Hardening: Hardening /tmp, /var/tmp, /dev/shm for preventing the execution of malicious scripts and codes.
PHP Tightening: Tweak PHP by changing the parameters of php configuration for better security and performance.
PHP Upgrade: Compile PHP to the most recent stable version, which improves server security.
Shell Fork Bomb/Memory Hog Protection: Security against Telnet/SSH users consuming all server resources and causing a system crash.
Update Control Panel to latest version
Install Logwatch for investigating any suspicious activity on the server
Turn off unused services and daemons
Disabling Chargen to prevent the server from being used by an attacker to disrupt another server.
Symlink Protection
Kernel Hardening
Crontab Hardening
MySQL Hardening
ClamAV: Is a cross-platform antivirus software tool-kit able to detect many types of malicious software, including viruses
Root Logger Notification of root access when someone login as root in the server along with the timestamp and ip address information.
Email Password Scan
Logwatch: Install Logwatch and review logwatch emails. Investigate any suspicious activity on the server.
IFTOP: Install IFTOP which displays a frequently updated list of network bandwidth utilization (source and destination hosts) that passing through the network interface
Turn off compilers. The majority of rootkits are precompiled, although not all of them. It also prevents shell users from compiling any irc-related apps.
Enable PHP open_basedir Protection: PHP open_basedir protection prevents users from opening files outside of their home directory with php
£72/server
Check Server Security
CHKRootKit : Detects hacker malware and sends an email notification.
RootKit Hunter: A utility that checks the server for backdoors and harmful malware.
APF or CSF: A policy-based iptables firewall system that allows for the simple setting of iptables rules.
SSH Securing: For a better security of ssh connections.
Host.conf Hardening: Prevents IP spoofing and dns poisoning
Sysctl.conf Hardening: Defends against syn-flood assaults and other network abuses.
FTP Hardening: Upgrade to the newest version of FTP software to ensure security.
TMP Hardening: Hardening /tmp, /var/tmp, /dev/shm for preventing the execution of malicious scripts and codes.
PHP Tightening: Tweak PHP by changing the parameters of php configuration for better security and performance.
PHP Upgrade: Compile PHP to its latest stable version which increases server security.
Shell Fork Bomb/Memory Hog Protection: Protection against Telnet/SSH users using all of the server resources and causing a system crash.
Update Control Panel to latest version
Install Logwatch to investigate any unusual server behaviour.
Turn off unused services and daemons.
Disabling Chargen to prevent an attacker from using it to interrupt another server.
Symlink Protection
Kernel Hardening
Crontab Hardening
MySQL Hardening
ClamAV: Is a cross-platform antivirus software tool-kit able to detect many types of malicious software, including viruses
Root Logger Notification of root access when someone login as root in the server along with the timestamp and ip address information.
Email Password Scan
Logwatch: Install Logwatch and go over the emails you’ve received. Check the server for any unusual activity.
IFTOP: Install IFTOP which displays a frequently updated list of network bandwidth utilization (source and destination hosts) that passing through the network interface
Turn off compilers. Although the majority of rootkits are precompiled, this is not the case with all of them. Shell users will be unable to compile any irc-related apps as well.
Enable PHP open_basedir Protection: PHP open_basedir protection prevents users from opening files outside of their home directory with php.
Network Socket Inode Validation (NSIV)
A rule based utility intended to aid in the validation of inodes against each LISTEN socket on a system.
Linux Environment Security (LES)
Enforcing root-only permissions on system binaries (binaries that should not be executed by normal users), enforcing root-only path traversal on system paths, enforcing the immutable bit on essential rpm package contents (i.e. coreutils), and enforcing the immutable bit on shell profile scripts are all useful.
Mail Server Hardening
Spoofing Avoidance
When an email sender attempts to impersonate the sender, the sender header is set.
Including MailHeaders in PHP
Spoofing from webmail and SMTP authenticated users is no longer tolerated.
Remove Dictionary attack protection from sendmail
Remote mail sent to the server’s hostname should be rejected.
Attachments: Messages containing potentially harmful attachments should be filtered.
Scan mails from known senders for malware.
Examine incoming and outgoing messages for malware.
Turn on SMTP Restrictions.
Set up high failure rate protection.
Experimental: From: header Rewrite
Set the maximum number of hourly emails.
Anti-spam
Installation/configuration of SpamAssassin & ClamAV, Realtime Blackhole Lists (RBLs), dictionary attack protection and rate limiting
Mod Security (On Request)
ModSecurity is a web application firewall that may be embedded. It protects online applications against a variety of assaults and enables HTTP traffic monitoring and real-time analysis with no changes to existing infrastructure.
Mod Evasive (On Request)
Mod Evasive is an Apache evasive manoeuvres module that performs evasive action in the event of an HTTP DoS or brute force attack. It is also intended to be a detection and network management tool, and it can be simply setup to communicate with ipchains, firewalls, routers, and other devices.
