On Tue, 2005-08-02 at 23:50 +0000, Raphael Melo de Oliveira Bastos Sales wrote: > Hi there, > > I was wondering what tools should I use to detect security flaws to > my server and a few tips on how to use them. What are the most common > forms of attack and how do I avoid being attacked by one of them? > > The services avaliable are only Apache - SSL and SSH. I've > installed an firewall, iptables and firestarter to control it, and > blocked all ports except 443 and 8080, where the SSH is listening. > Apache has PHP installed as a module. > > Thanks for the attention, > > Raphael.
I have port knocking installed on firewall, to further protect any SSH attacks. So port 22 is closed (in stealth mode) and only opens if it received the right knock sequence, moreover it is only opened to an IP address from which received successful knock sequence; all others see this port as closed (in stealth mode). -- #Joseph -- gentoo-user@gentoo.org mailing list
