Security RedHat 9

From: tg@xxxxxxxxx
Date: Wed, 11 Oct 2006 20:24:25 GMT

Since some years I have a Red Hat 9 webserver. I use it to host my
students webpages for PHP and MySQL lessons. I am not a Linux expert
at all, I just want to have a stable server running for these
purposes. This has been working just well these years until now.
Someone has installed a program, john-1.7.2 and use the server
probably to hack other systems. Now my rootpasswd is changed so I
can't use it anymore. I have a copy of the server on a harddirve
whilch I intend to change for the destroyed one. The server is placed
some 60 miles from here so I use it through ssh and only rarley I can
handle it physicly.
So my question: What shall I do to make the new server safer before I
pöut on the net? I use to have only one user to be able to log in with
ssh. All passwords are safe Unix passwords.
Are there som simple actions I can do to make the server more secure
before using it?

Gerry
.

Follow-Ups:
- Re: Security RedHat 9
  - From: Jeroen Geilman
- Re: Security RedHat 9
  - From: J.O. Aho

Prev by Date: Re: Multiple desktops
Next by Date: Slow Fedora Core 3 Server
Previous by thread: Linux applications
Next by thread: Re: Security RedHat 9
Index(es):
- Date
- Thread

Relevant Pages

Re: Trouble with X11 over SSH on Mandriva 2010.0
... If next clean install/update causes ssh to break, ... installed the sshd daemon/service package (OpenSSH Server) on the server. ... correct values for client and server. ...
(comp.os.linux.networking)
Re: Apache Software Foundation Server compromised, resecured. (fwd)
... this was one "result" of the comromised ssh binary at sourceforge. ... a public server of the Apache Software Foundation ... > (ASF) was illegally accessed by unknown crackers. ... > exhaustive audit of all Apache source code and binary distributions ...
(FreeBSD-Security)
Re: FreeBSD Crash without Errors, Warnings, or Panics
... I suppose I could run on stable until the driver is fixed in a release branch, but I need this box up and online, and I've always read that the stable branch is not the place for production servers. ... I'm running 6.0-RELEASE-p5 on a Toshiba built server: dual Xeon Intel motherboard with a LSILogic MegaRAID controller. ... Also, some network ports still respond, like a telnet to port 22 to test SSH will yield an SSH banner, but trying to connect with SSH just hangs. ... The box runs a web-based app and connects to a local Postgres DB which seemed to be unable to start new connections being requested by the PHP scripts. ...
(freebsd-hackers)
Re: restrict ssh access
... > We have one ssh server which receives about 6000 failed attempts to ... > unsuccessful login attempts per client IP address? ... the remote server is also running OpenSSH. ...
(comp.security.ssh)
Re: SSH as root
... Subject: SSH as root ... but it doesn't require having a key on the server that could be ... If they compromise a server, and the passphrase, etc. is there, they only ... private key to anyone. ...
(SSH)