Securing a Virtual Private Server?
I own a VPS
FC4 with A,M,P installed. I recent had some DDoS attacks, and i would like to know the best way to secure my VPS from any possible attack. I am not writting the versions of installed applications and i am willing to update them in the best possible version.
Answer by Gray Owl
There is not much you can do within the server against DDoS. The principle of DDoS is so much volume arrives at your server, it cannot handle it; ergo you have to do something about the traffic.
Best place to deffend against DDoS is at routers or firewalls.
If you have system access, I suggest you reduce cache time, and connection time outs.
Here is a quick list how to harden your Fedora box:
Remove Unnecessary RPMs
Patch to the latest stable system
disable listening on unused ports
Close ports and disable runlevel sys services
disable unnecessary xinetd services
check inittab and boot script for unecessary things
restrict system access from servers and net
secure your SSH
secure your postfix
secure your sendmail
secure your NFS
Check kernel tunable security parameters
check file permissions and ownerships
enabe password aging
enforce strong password
lock accounts after too many failures
restrict direct login
restrict su access
Search for “linux hardening”.
What do you think? Answer below!