|Rich Freeman on 31 Jan 2011 13:14:57 -0800|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|Re: [PLUG] apache security|
On Jan 31, 2011 3:38 PM, "Mike Sheinberg" <email@example.com> wrote:
> FYI - I don't have physical access to this server and it is public facing (hence all my earlier ip tables questions). I run integrity checkers daily on the file-system so I can see whenever files are modified anywhere - and I also plan on taking good backups and using plenty of logging.
So, are you sure all of this is reliable?
The backups are fine, if you test them and reliably detect intrusions.
Integrity checkers are only as good as the OS they run on and the signatures they use. If you run them offline you are probably fine. If you run them online they slightly increase security, but that is all. A hacker will rootkit you, and that will include kernel-level hiding of modified data. Since you lack physical access I'm skeptical that you're secure unless your hosting service covers this.
Logs likewise are only as good as the media they are stored on. If they are a file on your webserver they will be tampered with.
Not sure how important security is to you, but having it takes work...
___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug