firewall / snort ?

3 posts / 0 new
Last post
#1 Sun, 10/01/2006 - 07:23
KassidyClark

firewall / snort ?

What is the consensus on firewalls and security for a webhosting machine? Is everyone just using Linux Firewall (iptables)? Or is there a useful package out there that can do additional reporting, something like snort/acid?

Can I just get some feedback as to what people are using on their Virtualmin servers?

Mon, 10/09/2006 - 23:46
GlenIhrig
GlenIhrig's picture

I'm using iptables along the Webmin UI component. It does everything I need in a firewall.

In addition I am running mod_security and rk_hunter.

I have disabled plain ftp and moved ports for ssh, webmin, usermin and phpmyadmin to non-stnadard values to keep the various bots guessing...

I have been running two servers in this configuration for over a year with no security issues.

Prelude-IDS http://www.prelude-ids.org/ looks very interesting as a robust IDS and reporting system, but I have not installed it.

Regards,

-Glen

Sat, 10/14/2006 - 06:04
KassidyClark

Thanks for the feedback Glen!

Topic locked