This website is deprecated, and remains online only for historic access to old issues and docs for historic versions of Virtualmin. It has been unmaintained for several years, and should not be relied on for up-to-date information. Please visit www.virtualmin.com instead.

firewall / snort ?

3 posts / 0 new

Topic locked

Last post

#1 Sun, 10/01/2006 - 07:23

KassidyClark

firewall / snort ?

What is the consensus on firewalls and security for a webhosting machine? Is everyone just using Linux Firewall (iptables)? Or is there a useful package out there that can do additional reporting, something like snort/acid?

Can I just get some feedback as to what people are using on their Virtualmin servers?

#2 Mon, 10/09/2006 - 23:46

GlenIhrig

I'm using iptables along the Webmin UI component. It does everything I need in a firewall.

In addition I am running mod_security and rk_hunter.

I have disabled plain ftp and moved ports for ssh, webmin, usermin and phpmyadmin to non-stnadard values to keep the various bots guessing...

I have been running two servers in this configuration for over a year with no security issues.

Prelude-IDS http://www.prelude-ids.org/ looks very interesting as a robust IDS and reporting system, but I have not installed it.

Regards,

-Glen

#3 Sat, 10/14/2006 - 06:04

KassidyClark

Thanks for the feedback Glen!

Topic locked