On 4/8/07, Hetz Ben Hamo <[EMAIL PROTECTED]> wrote:
You could do few things:
2. Have some logs emailed to you from the server on a daily basis
(crontab). By default, Redhat/CentOS/Fedora does this automatically,
but you can enhance it to send pack few log files and email them to
you as .tar.bz2 for example. That way you could check whats going on
to see who entered when etc.. (logs like ssh, httpd, sendmail).
Ususally when you compress text files, they become small, so the email
wouldn't be really big.
That is impractical advise. No one has time the go by daily basis over
the logs of every service, the only way your logs will prove to be
useful that way is *after* the break in.
You should be looking at logwatch.
3. Make sure your iptables/firewall settings will only let specific
needs and nothing else comes in. nmap is your friend to check, along
with stuff like SAINT etc. If you don't know firewall settings well,
just ask here. I'm sure someone would happily assist you with it.
Also, for user friendly firewall manipulation - http://www.fwbuilder.org/
4. have a cron script that will backup your web server stuff nightly.
If you don't have a tape backup or spare space for backup, then pack
the essential parts and use the script to email it to you (GMail
account can hold almost 3 gigs, so you can save the backup there)
dirvish.org is a gift from guru(s).
Hetz
Maxim.
--
Cheers,
Maxim Veksler
"Free as in Freedom" - Do u GNU ?
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
