get ;
1. fail2ban - it blocks failed login ips etc
2. get shorewall or any iptables front end and restrict ips to the ranges u need ( or even specific ips)
3. run ssh on a nonstandard port
4. good, long password
these steps will go a long way and will get u started.
----- Original Message ----
> From: Mag Gam <magawake@xxxxxxxxx>
> To: CentOS mailing list <centos@xxxxxxxxxx>
> Sent: Sunday, June 28, 2009 3:21:25 AM
> Subject: server is always getting hacked
>
> WE have a centos 5.3 install, and our server is keep getting hacked.
> We see load averages of 500+ and see people from all over the world
> logging into our server (used last).
>
> Is there a good place to start to avoid these kinds of things?
>
> For example, here is what I already did.
>
> Open up sshd port only
> setup iptables to only accept port 80 and 22
> No FTP
> No other ports are allowed according to IP Tables.
>
>
> I am not sure what else measures I can take. Can someone please assist?
>
> TIA
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
