 Search the Knowledgebase |
 Browse by Category |
|
|
|
| View Articles by Category |
|
|
Security
|
There were 11 articles found in this category:
 What are SoftLayer's internal IPv6 blocks?
What are the SoftLayer corporate IPv6 netblocks? The following are the IPv6 netblocks used on the SoftLayer management network, and should be allowed to connect to your server. Dallas - 2607:F0D0:1000:0000:/48 Seattle - 2607:F0D0:2000:0000:/48 Washington, DC - 2607:F0D0:3000:0000:/48
- Portal Security: Antivirus and Spyware
McAfee provides industrial-strength protection for viruses, spyware, rootkits, and other security issues with their security suites. These security programs can be accessed in the SoftLayer portal under “Security” > “Anti-virus – Spyware”. This page contains a ...
- Nessus Security Scanner
SoftLayer provides an online Security Scanner, powered by the open source Nessus Scanning tool. This security scanner can be accessed under the Security tab by clicking on “scanner.” More information about the Nessus Scanning tool can be found on the Nessus website at http://www.n ...
- URL injections information
URL Injection attacks typically mean the server for which the IP address of the attacker is bound is a compromised server. Please check the server behind the IP address above for suspicious files in /tmp, /var/tmp, /dev/shm, along with checking the process tree (ps -efl or ps -auwx). You may al ...
- Rootkit help
RootKit -- Spyware and Junkware detection and removal tool Go to Rootkit Hunter homepage, and download the latest release. http://www.rootkit.nl/projects/rootkit_hunter.html ## Get the latest source and untar # cd /usr/src/utils # wget http://downloads.rootkit.nl/rkhunter-<version>.tar.g ...
- Ddos protection with bandwith shaping
Protecting your host from SYN floods From Alexey's iproute documentation, adapted to netfilter and with more plausible paths. If you use this, take care to adjust the numbers to reasonable values for your system. If you want to protect an entire network, skip this script, which is best suited f ...
- Chrootkit help
SSH as admin to your server. DO NOT use telnet, it should be disabled anyways. #Change to root su - #Type the following wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz # Check the MD5 SUM of the download for security: ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.md5 md5sum chkroo ...
- Botware / Malware defense
Prevention ========= - Ensure OS and software patches on the desktop are up to date - Disallow installation of new software on desktop (users have no administrative rights) - Block domains that are known to be distributing malware. - Malware domains http://www.malwaredomains.com - C&C l ...
- How do I permit specific users SSH access?
We will be primarily working with one configuration file in this article: OpenSSH - /etc/ssh/sshd_config OpenSSH For locking down which users may or may not access the server you will want to look into one, or more, of the following directives: User/Group Based Access AllowGroups This keyword ...
- How to disable root login through SSH.
Before you do this make sure you have created another user in the wheel group. To disable root login through ssh, edit the following file: # /etc/ssh/sshd_configbrowse to the following line: PermitRootLogin yesand change to: PermitRootLogin noSave the file and restart ssh. # /etc/init.d/ssh rest ...
- DoS: looking at open connections
Here is a command line to run on your server if you think your server is under attack. It prints our a list of open connections to your server and sorts them by ammount. RedHat: netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n BSD: netstat -na |awk '{print $5}' |cut -d ...
|
