GoFuckYourself.com - Adult Webmaster Forum - View Single Post

raymor · 09-24-2011, 07:47 PM

Servers at large provides that sell cookie cutter servers to DIY webmasters are common targets because the bad guys know that IP range has tons of servers that lack a qualified sysadmin. They know that the typical webmaster lacks the skills and motivation to do even significant hardening. New severs are particularly attractive because the default configuration is known and often includes weaknesses like default or empty passwords, php running suexec, etc.

Cphulk monitors several different daemons. Which are you getting a lot of notices for? Turn off any archives that you aren't using. For example, turn off pop3 if you aren't using your server to receive mail.

For services other than smtp and http, you can switch them to use a port other than the default and that will greatly reduce brute force attacks.

09-24-2011, 07:47 PM
raymor Confirmed User Join Date: Oct 2002 Posts: 3,745	Servers at large provides that sell cookie cutter servers to DIY webmasters are common targets because the bad guys know that IP range has tons of servers that lack a qualified sysadmin. They know that the typical webmaster lacks the skills and motivation to do even significant hardening. New severs are particularly attractive because the default configuration is known and often includes weaknesses like default or empty passwords, php running suexec, etc. Cphulk monitors several different daemons. Which are you getting a lot of notices for? Turn off any archives that you aren't using. For example, turn off pop3 if you aren't using your server to receive mail. For services other than smtp and http, you can switch them to use a port other than the default and that will greatly reduce brute force attacks. Last edited by raymor; 09-24-2011 at 07:48 PM..