This is a collective of information regarding setting up, and securing your new redhat server.
Before we can even start doing anything security modifications we have to know and understand how to use SSH.
Putty is the best, and free SSH Client.
1) Install & Understand Putty
Learn to use SSH2) Understand some basic linux commands. This goes a long way with the rest of the guide because you will have a better "general" understanding of what each command does.
Basic Shell CommandsMore Basic Shell Commands3) Install a Firewall. This is a guide to install APF.
APF Install4) Install Brute Force Detection, from the makers of APF.
BFD is a modular shell script for parsing applicable logs and checking for authentication failures.
Brute Force Detection5) Dsiable Direct Root Login. This will force you to login as another user in (in cpanel the user must be in the wheel group), and then su to root. This helps deny 'wanna-be' hackers.
Disable Root Login6) Disable Telnet Access. Telnet is not secure, and your password is sent in plain text, so don't use it! Disable it forever, and use SSH instead.
Disable Telnet7) Force SSH Protocol 2.
Force SSH Protocol 28) Install CHKROOTKIT.
CHKROOTKIT is a shell script that checks system binaries for rootkit modification. Then notifying you.
CHKROOKIT-- The rest are for cPanel Only Servers --
9) Disable cPanel Demo Mode
Disable cPanel Demo Mode10) Jail All Users' Shell Access
Here is how-to:
Login to WHM
yourdomain.com/whm
Account Functions
Manage Shell Access
Jail All Users
If possible it is best to NOT
grant shell access to users at all.
11) Modify WHM Security Settings
Modify WHM Settings12) Enable SUEXEC
Enable SuExecThis next one is optional..
13) Receive an e-mail when someone logs in as root.
Root Login E-Mail14) RKHunter Installation Guide (Root Kit Hunter).. scan your box daily for root kits.. with Root Kit Hunter
v1.1.4 RKHunter Installation
