I'd look into the various hardening and monitoring tools available
(Bastille, Tripwire, chroot, etc). There's different tools for different
purposes, obviously. We chroot all our BIND and Apache stuff. Bastille
is great for hardening the environment. Tripwire monitors for changes to
key files.
our web sites got hacked and we were subjected to ddos for last few days. I
wanted to know what can I do for monitoring to find out if I am hacked or
not. By the way, we were hacked by php exploits. Please advise on this.
Thanks
--
Cordially,
Shadhin Rahman