How to stop centos hack attempts
I am running a secure site from a web server. As a web developer, I recently noticed some unexpected behavior in my websites. My URL has extra-long hashes and quotes. There are multiple attempts in the secure log thing. I believe that someone is hacking my server. Can any security person help by giving a brief idea of how to avoid CentOS hacking attempts? How can I track whether my server is being monitored by any spyware? Urgent help needed.
Re: How to stop centos hack attempts
One thing I can suggest if you feel that you are under attack: use PHP to add iptables rules to block such unwanted connections. As you have noticed the attempts, I believe from now on you will need to monitor your system regularly. The attempts in the log mean that some application is trying to steal your password and gain access. Automated programs are easily spotted by a server, which creates a log entry. To stop these attacks, create a script that opens and parses your secure log. Then look for those entries and add rules to the iptables script to block the IPs associated with them. These scripts can be easily modified, and you can add more IPs for security.
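The log-parsing approach described in the reply above, as an added example that is not part of the original post (shown in Python): it counts failed SSH password attempts per source address and prints the iptables commands for review instead of running them. The log lines are constructed, and `failed_sources`, `block_rules`, the threshold and the allow list are hypothetical names chosen for this example.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample in the format sshd writes to /var/log/secure (not real data).
SAMPLE_LOG = """\
Mar  3 10:01:11 web1 sshd[2211]: Failed password for root from 203.0.113.7 port 40112 ssh2
Mar  3 10:01:14 web1 sshd[2211]: Failed password for root from 203.0.113.7 port 40112 ssh2
Mar  3 10:01:19 web1 sshd[2215]: Failed password for invalid user admin from 203.0.113.7 port 40150 ssh2
Mar  3 10:02:40 web1 sshd[2301]: Failed password for invalid user test from 198.51.100.23 port 51514 ssh2
Mar  3 10:03:02 web1 sshd[2310]: Accepted password for deploy from 192.0.2.10 port 60222 ssh2
Mar  3 10:05:45 web1 sshd[2340]: Failed password for deploy from 192.0.2.10 port 60300 ssh2
Mar  3 10:05:49 web1 sshd[2340]: Failed password for deploy from 192.0.2.10 port 60300 ssh2
Mar  3 10:05:53 web1 sshd[2340]: Failed password for deploy from 192.0.2.10 port 60300 ssh2
"""

# The user name is chosen by the client, so the address is taken from the
# end of the line rather than from the first "from" that appears in it.
FAILED = re.compile(r"sshd\[\d+\]: Failed password for .* from (\S+) port \d+(?: ssh2)?$")

def failed_sources(log_text):
    """Count failed SSH password attempts per source address."""
    counts = Counter()
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if not m:
            continue
        try:
            counts[ipaddress.ip_address(m.group(1))] += 1
        except ValueError:
            continue  # not an IP address: never passed on to iptables
    return counts

def block_rules(log_text, threshold=3, allow=()):
    """Return iptables commands for sources at or above the threshold."""
    allowed = [ipaddress.ip_network(a) for a in allow]
    rules = []
    ranked = sorted(failed_sources(log_text).items(), key=lambda kv: (-kv[1], str(kv[0])))
    for ip, hits in ranked:
        if hits < threshold or any(ip in net for net in allowed):
            continue  # too few failures, or an address you must not lock out
        tool = "iptables" if ip.version == 4 else "ip6tables"
        rules.append(f"{tool} -I INPUT -s {ip} -j DROP")
    return rules

if __name__ == "__main__":
    for rule in block_rules(SAMPLE_LOG, threshold=3, allow=["192.0.2.0/24"]):
        print(rule)
```

Without the allow list, the three mistyped passwords from 192.0.2.10 would block the same address that logged in successfully a few minutes earlier.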
Re: How to stop centos hack attempts
I use the DenyHosts service to make my server more secure. It is a powerful and efficient tool which blocks unwanted incoming connections. DenyHosts is a system which monitors your server for hacking attempts on the SSH daemon. As your log shows, there are a lot of failed attempts to access your server. DenyHosts tracks those IPs and blocks them forever. You can get DenyHosts from the website denyhosts.sourceforge.net. Go to this website, get DenyHosts and configure it to protect your server. It will only allow genuine users authenticated by you. Other incoming connections are blocked. The installation is very simple; after downloading the file, do this:
- First decompress the archive file in the place where you want to install it. Normally the default directory is /usr/share/denyhosts
- e.g.:
    mv denyhosts.cfg-dist denyhosts.cfg
- Make a clean copy of the default config
- e.g.:
    cp denyhosts.cfg denyhosts.cfg.bk
- Now configure it properly as per your needs.