Tools for securing Linux server and its services

a) Fail2Ban: Which will ban IP address after few failure attempts

website : http://www.fail2ban.org/wiki/index.php/Main_Page

b)Rootkit Hunter : It will scan your server for any unauthorized scripts.

Website :http://www.chkrootkit.org/

To download : http://sourceforge.net/projects/rkhunter/

c)PortSentry : This tool will block IP who is trying to scan your server for open ports.

Ref : http://www.securityfocus.com/infocus/1580

http://www.securityfocus.com/infocus/1586

How to install : http://www.falkotimme.com/howtos/chkrootkit_portsentry/

d)mod_security

http://www.modsecurity.org/

e) mod_evasive : It will ban IP for certain conditions ,example :

  • Requesting the same page more than a few times per second
  • Making more than 50 concurrent requests on the same child per second
  • Making any requests while temporarily blacklisted (on a blocking list)

Web Site : http://www.zdziarski.com/projects/mod_evasive/

To be.. continue..

Leave a Reply

*