2. Know what’s happening to your system. Get Portsentry and Logcheck from http://www.psionic.com
3. Get a good firewall i.e. ipchains or iptables.
4. Shut down all unneeded ports, RPC port 111 etc.
5. Don’t offer Telnet or even SSH to your customers.
6. Don’t allow anonymous ftp.
7. Get a static IP number from your ISP and limit telnet / ssh to only that number. Remember to allow Dialtone’s IP number
( in so they can trouble shoot your system.
8. Once a week run a password guessing script to test your customers password for security. We like John-the-Ripper available at: http://www.openwall.com/john/
9. Get and use chkrootkit available from http://www.chkrootkit.org/
10. Join Dshield.org and fightback through their system: http://www.dshield.org/ we even post a warning to hackers and crackers on our web site about reporting all attempts to Dshield

Bir yanıt yazın