Please some 1 help?


ssja786
04-30-2005, 13:36
I need help from someone to secure my vd server from hackers, because just recently I was hacked and had to reinstall the OS, and lost all my files, so can anyone help me secure the server, because I am new to this...

I will pay if you help..

computerguy
04-30-2005, 21:06
Hello ssja,

I would recommend that you install Rootkit Hunter first.. You can do this by logging into root and pasting this:

cd ~; rm -Rf rkh*; wget http://downloads.rootkit.nl/rkhunter-1.2.4.tar.gz; tar zxf rkhunter-*.tar.gz; cd rkhunter; ./installer.sh; rkhunter --update; rkhunter -c --cronjob; crontab -e; cd ..; rm -Rf rkhunter*

By having that all together you won't need to do anything. The system will download it, install it, update it, add it to your cronjobs (makes the system do a rootkit search every morning at 5AM and will email you if anything is found), and then it does its first check.

If you have problems with wget on your server as I had, you can download it to your computer and FTP it into root.. The address to download it is http://downloads.rootkit.nl/rkhunter-1.2.4.tar.gz

Once it's FTP'd into root just paste this:

tar zxf rkhunter-*.tar.gz; cd rkhunter; ./installer.sh; rkhunter --update; rkhunter -c --cronjob; crontab -e; cd ..; rm -Rf rkhunter*

I hope this helps somewhat. I will check into other things you can do as well, but I don't know of any off the top of my head.
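
Added example, not part of the original post or of the rkhunter project: the one-liner above fetches the tarball over plain HTTP, unpacks it as root without checking it, and carries on when a step fails. The sketch below checks a tarball (fetched with wget or uploaded by FTP) against a SHA-256 digest before unpacking it; the function name `verify_and_unpack` is hypothetical, and it assumes you obtained a trusted digest through a separate channel.

```sh
#!/bin/sh
# Added example (not from the thread): verify an rkhunter tarball before
# unpacking it as root. The body runs in a subshell, so "exit" only leaves
# the function and its variables do not leak into the caller.
verify_and_unpack() (
    tarball=$1
    expected=$2   # assumption: trusted SHA-256, obtained separately
    [ -f "$tarball" ] || { echo "missing: $tarball" >&2; exit 1; }

    # 1. Integrity: stop if the digest does not match.
    actual=$(sha256sum "$tarball" | awk '{print $1}')
    if [ "$actual" != "$expected" ]; then
        echo "checksum mismatch for $tarball" >&2
        exit 2
    fi

    # 2. Refuse archives with absolute paths or ".." components.
    if tar tzf "$tarball" | grep -Eq '(^/|(^|/)\.\.(/|$))'; then
        echo "unsafe path in archive" >&2
        exit 3
    fi

    # 3. Extract into a fresh private directory instead of globbing in ~.
    dest=$(mktemp -d) || exit 4
    tar xzf "$tarball" -C "$dest" || { rm -rf "$dest"; exit 4; }

    # 4. Only report success if the expected installer is really there.
    if [ ! -f "$dest/rkhunter/installer.sh" ]; then
        echo "installer.sh not found in archive" >&2
        rm -rf "$dest"
        exit 5
    fi
    printf '%s\n' "$dest/rkhunter"
)

# Stand-alone use: script.sh <tarball> <expected-sha256>
if [ "$#" -eq 2 ]; then
    verify_and_unpack "$1" "$2"
fi
```

Run `./installer.sh` from the printed directory only after the function has succeeded.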

ssja786
05-01-2005, 10:50
Thanks for the advice, but I am new to servers and I hardly understand what you are saying, because I don't know where to paste this..

All I have is cPanel/WHM
and FTP access.

Thanks

computerguy
05-01-2005, 19:03
Oh sorry. Paste that in SSH. To get in there you will need PuTTY. You can get that by going here: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html - then go down to where it says: For Windows 95, 98, ME, NT, 2000 and XP on Intel x86. You will want the first one; the link name for it is putty.exe. Once you have that, open it, and where it asks for the domain put your primary IP address and then click on Open. You will be asked for your login; that will be root. Then it will ask for your password; this is your root password. Note, however, that it will not show you typing the password. Then once you're in there it will say root@whatever. That is where you paste that in.

I am also searching for good firewalls. I will test them out on mine before I pass them on to you to make sure they do their job, but I need to know what OS you're using.

Villan
05-01-2005, 19:30
Could you pass any info on good firewalls on to me, please... I'm on Red Hat.

computerguy
05-01-2005, 19:39
I really don't know any... I'm testing them out on mine as I find them. Right now the one that sounds good is Firestarter... You can check it out here: http://www.fs-security.com/

ssja786
05-01-2005, 20:14
computerguy, I really appreciate this a lot, thanks for helping.

I've done what you said, but I get to this part in putty.exe:

Connecting to downloads.rootkit.nl[62.177.200.5]:80...

and it stays there. Is that meant to be there, or should I wait longer?

ssja786
05-01-2005, 20:21
Hey again, I pasted what you said but I get an error saying "timed out, retrying" when it's trying to download it. Please help.

computerguy
05-01-2005, 20:32
Hey.. wget has problems with that site for some reason. You'll have to do it the second way.

Do it like this:

Download it to your computer and FTP it into root.. The address to download it is http://downloads.rootkit.nl/rkhunter-1.2.4.tar.gz

Once it's FTP'd into root just paste this within SSH:

tar zxf rkhunter-*.tar.gz; cd rkhunter; ./installer.sh; rkhunter --update; rkhunter -c --cronjob; crontab -e; cd ..; rm -Rf rkhunter*

ssja786
05-01-2005, 20:35
How do I log in with root in FTP? I've tried but it keeps saying login incorrect, but the login does work when I log in to WHM...

ssja786
05-01-2005, 20:39
OK, I managed to install. Will this help against hackers?

computerguy
05-01-2005, 20:45
Sounds like there isn't an FTP account set up for root, and I'm not sure how to set one up for it since there isn't the regular cPanel for root.... If you have a website you have access to, just FTP Rootkit Hunter into the public_html folder of that site and then use wget on that address. The address would then be: wget http://www.you.com/rkhunter-1.2.4.tar.gz

computerguy
05-01-2005, 20:54
Sorry, I missed your post. It doesn't really help to prevent hackers, but it will tell you if someone is trying to get root access by installing a backdoor and stuff like that. The firewall I'm testing right now says it helps prevent hackers. If so, I'll pass it on to you.

ssja786
05-01-2005, 21:17
OK, cool, thanks. Please post it here ASAP.

Thanks once again..

mikron15
05-03-2005, 09:34
APF (firewall) and BFD (intrusion detection) from rfxnetworks are some nice apps to try out. You can find them at http://www.rfxnetworks.com/proj.php
The installation instructions, I believe, are covered by one of us in the HOW-TO section of this forum (make it display threads older than 1 month).
I would also suggest upgrading to at least Fedora Core 1, as Red Hat 9 is discontinued and so is the support for it. Not many updates will be released for it. FC is a development team that's continuing RH9. More info can be found at http://fedora.redhat.com/

Once done with that, get YUM (http://linux.duke.edu/projects/yum/) installed (it's for Linux). It's a good app that can install most apps (using RPMs) and even acts like your Windows Update tool: it finds out whether any updates are needed for your system. Once again, I believe the yum installation instructions are covered in this forum several times. Use the search feature.

Good luck!