Resources, Articles, Tricks, and Solutions in connection with Server Security

Server Hardening - What it means

This article covers techniques to prevent attacks on a server. A server managed without proper precautions is easy to compromise, and a compromised server soon earns a bad reputation (for example, its IP address lands on spam blocklists and its sites are flagged as malicious).

Hardening a server is the process of reducing its attack surface through a variety of configuration changes, resulting in a much more secure operating environment. It is one of the most important tasks to be carried out on any server.

The default configuration of most operating systems is not designed with security as the primary focus. 

Default server setups focus more on usability, functionality and communication.


Server hardening security measures (the WHM Tweak Settings below) include:

1. Hide login password from CGI scripts.

This setting hides the REMOTE_PASSWORD environment variable from scripts that the cpsrvd daemon's CGI handler executes, so a malicious or compromised CGI script cannot read the user's cPanel password.

2. Referrer safety check.

Only permit cPanel, Webmail and WHM to execute functions when the browser-provided referrer (port and domain or IP address) exactly matches the destination URL. This blocks cross-site request forgery, where a page on another site tricks a logged-in administrator's browser into submitting a request to WHM.

3. Initial default/catch-all forwarder destination.

Select Fail so that un-routable email received by your server's new accounts is rejected with a failure notice. Unlike Blackhole, which accepts the message and then discards it, Fail does not make the server spend resources on every piece of spam sent to non-existent addresses, which helps protect it from mail floods.

4. Verify signatures of third-party cPAddons.

Enable this option to verify the GPG signatures of all third-party cPAddons before they are installed, so a tampered package is refused.

5. Prevent "nobody" from sending mail.

Enable this to block email that the nobody user sends to remote addresses. nobody is the user Apache runs as, and spam sent through a compromised web script usually originates from it. Note that scripts running as the account user under suEXEC or mod_ruid2 are not affected by this setting.

6. Enable SPF on domains for newly created accounts, so that receiving mail servers can reject messages forged from those domains.

7. Proxy subdomain override.

Disable this option to prevent automatically-generated proxy domains when a user creates a subdomain.

8. Proxy subdomain creation.

Disable this option to prevent the addition of cPanel, Webmail, Web Disk and WHM proxy subdomain DNS entries to new accounts.

9. Cookie IP validation.

Keep this option enabled (strict) so a session cookie is only accepted from the IP address that logged in, which limits the value of a stolen cookie. Disabling it allows logins regardless of the user's IP address; only do so when users' addresses legitimately change mid-session, for example behind a pool of proxies.
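The settings above live as key=value lines in WHM's tweak-settings file, so they can be audited rather than eyeballed. The following is an added example, not cPanel's code: it parses a file in that format and reports every key that is not at its hardened value. The key names are assumptions taken from the Tweak Settings labels and must be checked against your own /var/cpanel/cpanel.config before the audit is trusted; the sample file is constructed.

```python
"""Audit a cPanel/WHM tweak-settings file against the hardened values above.

Added example, not cPanel's own code. The file format (one key=value per
line) is that of /var/cpanel/cpanel.config; the key names in HARDENED are
assumptions drawn from the WHM Tweak Settings labels.
"""
import re

# Expected hardened value per (assumed) cpanel.config key, with the risk a
# deviation implies.
HARDENED = {
    "cgihidepass": ("1", "REMOTE_PASSWORD visible to CGI scripts"),
    "referrersafety": ("1", "no referrer check, CSRF against cPanel/WHM easier"),
    "defaultmailaction": ("fail", "unroutable mail accepted instead of failed"),
    "verify_3rdparty_cpaddons": ("1", "unsigned third-party cPAddons installable"),
    "nobodyspam": ("1", "Apache's nobody user can send mail (web-script spam)"),
    "skipspf": ("0", "SPF records not created for new accounts"),
    "proxysubdomains": ("0", "proxy subdomain DNS entries added to new accounts"),
    "proxysubdomainsoverride": ("0", "proxy subdomains override user subdomains"),
    "cookieipvalidation": ("strict", "stolen session cookie usable from any IP"),
}

_LINE = re.compile(r"^\s*([A-Za-z0-9_]+)\s*=\s*(.*?)\s*$")


def parse_config(text):
    """Parse key=value lines; comments and blank lines are ignored."""
    settings = {}
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        m = _LINE.match(line)
        if m:
            settings[m.group(1)] = m.group(2)
    return settings


def audit(settings):
    """Return [(key, current, expected, reason)] for every weak or missing key."""
    findings = []
    for key, (expected, reason) in HARDENED.items():
        current = settings.get(key)
        if current != expected:
            findings.append((key, current, expected, reason))
    return findings


# Constructed sample, not from a real server: every setting at its weak value.
WEAK_CONFIG = """\
# cpanel.config (constructed sample)
cgihidepass=0
referrersafety=0
defaultmailaction=blackhole
verify_3rdparty_cpaddons=0
nobodyspam=0
skipspf=1
proxysubdomains=1
proxysubdomainsoverride=1
cookieipvalidation=disabled
"""

if __name__ == "__main__":
    for key, cur, want, why in audit(parse_config(WEAK_CONFIG)):
        print(f"WEAK {key}={cur!r} (expected {want!r}): {why}")
```

A missing key is reported as weak as well, since an absent setting falls back to cPanel's default rather than to the hardened value; run the audit after every WHM upgrade, as upgrades can add new keys.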



Methods to secure a database server - Best practices

This article covers different methods of securing a database server. Database security keeps sensitive information safe by blocking attacks on the data store itself, including ransomware and attackers who have already got past the firewall, and by preventing malware from corrupting data, taking down the network or spreading from the database host to other endpoints.


SQL injection vulnerabilities occur when application code builds database queries dynamically by concatenating user-supplied input into the query text.

This is a devastating form of attack: BSI penetration testers regularly find vulnerable applications that allow complete authentication bypass and extraction of the entire database.

SQL injection (SQLi) is a common attack vector in which crafted SQL is sent through the application to manipulate the backend database and read information that was never meant to be displayed.

This information may include any number of items, including sensitive company data, user lists or private customer details.


Some known database security issues and risks to database systems include:

1. Data corruption or loss caused by the entry of invalid data or commands.

2. Mistakes in database or system administration processes, sabotage, criminal damage and so on.


There are numerous types of databases and many different ways to attack them, but most attackers will either try to crack the database root (administrative) password or run a known exploit against an unpatched version.

These attacks need no exotic skill: anyone comfortable with SQL statements who understands database basics can carry them out, so they should be expected.


Practices for Database Security:

1. Protect Against Attacks With a Database Proxy.

2. Set Up Auditing and Robust Logging.

3. Practice Stringent User Account Management.

4. Keep Your Database Software and OS Up-to-Date.

5. Encrypt Sensitive Data in Your app, in Transit, and at Rest.
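The injection described above, shown as working code beside its fix. This is an added example, not code from the original article or from any product: an in-memory SQLite database with a constructed users table so it runs offline, a login function that pastes input into the SQL text, and the same function written with placeholders. SHA-256 stands in for a password hash only so the demo is self-contained; a real system would use a slow password hash such as scrypt or Argon2.

```python
"""SQL injection: the dynamic-query bug beside the parameterised fix.

Added example, not from the original article. The users table, the
credentials and the payload are constructed for the demonstration.
"""
import hashlib
import sqlite3


def make_db():
    """Constructed sample data: one admin account with a hashed password."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, pw_hash TEXT)")
    conn.execute(
        "INSERT INTO users VALUES (?, ?)",
        ("admin", hashlib.sha256(b"correct horse").hexdigest()),
    )
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """BUG: user input is concatenated straight into the SQL text."""
    pw_hash = hashlib.sha256(password.encode()).hexdigest()
    sql = (
        "SELECT username FROM users WHERE username = '"
        + username + "' AND pw_hash = '" + pw_hash + "'"
    )
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_safe(conn, username, password):
    """Fix: placeholders keep the input as data; the query shape is fixed."""
    pw_hash = hashlib.sha256(password.encode()).hexdigest()
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND pw_hash = ?",
        (username, pw_hash),
    ).fetchone()
    return row[0] if row else None


# Classic authentication-bypass payload: closes the string literal, adds a
# tautology, and comments out the password check that follows it.
BYPASS = "admin' OR '1'='1' --"

if __name__ == "__main__":
    conn = make_db()
    print("vulnerable:", login_vulnerable(conn, BYPASS, "wrong"))  # admin
    print("safe:      ", login_safe(conn, BYPASS, "wrong"))        # None
```

With the payload, the vulnerable query becomes `... WHERE username = 'admin' OR '1'='1' --' AND pw_hash = '...'`; everything after `--` is a comment, the tautology is always true, and the first row comes back without any password. The parameterised version sends the same string as a bound value, so it is compared against the username column and simply matches nothing.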



Enforcing server security using a hardware firewall

This article covers how important it is to enforce server security with a hardware firewall. A firewall is a system that provides network security by filtering incoming and outgoing network traffic based on a set of user-defined rules. In general, the purpose of a firewall is to reduce or eliminate unwanted network communication while allowing all legitimate communication to flow freely.


A hardware firewall sits between your local network of computers and the Internet.

The firewall inspects all the data that comes in from the Internet, passing the packets that the rules permit and dropping the rest.


Hardware firewalls allow you to protect your entire network from the outside world with a single physical device, installed between your computer network and the Internet.

A software firewall is installed on an individual computer and protects only that device. The two are complementary: the perimeter device stops traffic from reaching the network at all, while the host firewall still protects a server from other machines on the same network.
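The rule evaluation a perimeter firewall performs, as an added example that is not from the original article or from any vendor's firewall code: a first-match ruleset with an explicit default deny, and a minimal connection table so replies to sessions the LAN opened are let back in while unsolicited inbound traffic is not. The LAN, the addresses (RFC 5737 documentation ranges) and the ruleset are constructed; a real firewall keys its connection table on the full 5-tuple and tracks protocol state, which this model omits.

```python
"""First-match packet filter with default deny and stateful return traffic.

Added example, not from the original article: a minimal model of the rule
evaluation a firewall between a LAN and the Internet performs.
"""
import ipaddress
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Packet:
    direction: str          # "in" = from the Internet, "out" = from the LAN
    proto: str              # "tcp" or "udp"
    src: str
    dst: str
    dport: int
    sport: int = 0


@dataclass
class Rule:
    action: str             # "allow" or "deny"
    direction: str
    proto: str = "any"
    src_net: str = "0.0.0.0/0"
    dport: Optional[int] = None   # None = any destination port

    def matches(self, p):
        return (
            self.direction == p.direction
            and self.proto in ("any", p.proto)
            and (self.dport is None or self.dport == p.dport)
            and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src_net)
        )


@dataclass
class Firewall:
    rules: list
    log: list = field(default_factory=list)
    flows: set = field(default_factory=set)   # (lan host, remote, remote port) opened from inside

    def decide(self, p):
        # Replies to a flow the LAN opened are accepted before the rules run.
        if p.direction == "in" and (p.dst, p.src, p.sport) in self.flows:
            return self._record(p, "allow", "established")
        for i, r in enumerate(self.rules):           # first match wins
            if r.matches(p):
                if r.action == "allow" and p.direction == "out":
                    self.flows.add((p.src, p.dst, p.dport))
                return self._record(p, r.action, f"rule {i}")
        return self._record(p, "deny", "default")      # nothing matched: drop

    def _record(self, p, action, why):
        self.log.append(f"{action:5} {p.direction:3} {p.proto} "
                        f"{p.src}->{p.dst}:{p.dport} ({why})")
        return action


# Constructed ruleset for a LAN 192.168.10.0/24 hosting a web server 192.168.10.5.
RULES = [
    Rule("allow", "in", "tcp", dport=443),               # public HTTPS
    Rule("allow", "in", "tcp", "203.0.113.0/24", 22),    # SSH from the management net only
    Rule("deny", "in"),                                  # explicit inbound catch-all
    Rule("allow", "out", "udp", dport=53),               # DNS
    Rule("allow", "out", "tcp", dport=443),              # outbound HTTPS (updates, APIs)
    Rule("deny", "out", "tcp", dport=25),                # no direct outbound SMTP from hosts
]


def run_sample():
    """Constructed packets exercising each path; returns (firewall, decisions)."""
    fw = Firewall(list(RULES))
    decisions = [
        fw.decide(Packet("in", "tcp", "198.51.100.9", "192.168.10.5", 443)),
        fw.decide(Packet("in", "tcp", "198.51.100.9", "192.168.10.5", 22)),
        fw.decide(Packet("in", "tcp", "203.0.113.40", "192.168.10.5", 22)),
        fw.decide(Packet("out", "tcp", "192.168.10.5", "198.51.100.80", 443, sport=40001)),
        fw.decide(Packet("in", "tcp", "198.51.100.80", "192.168.10.5", 40001, sport=443)),
        fw.decide(Packet("out", "tcp", "192.168.10.5", "198.51.100.80", 25)),
        fw.decide(Packet("out", "tcp", "192.168.10.5", "198.51.100.80", 8080)),
    ]
    return fw, decisions


if __name__ == "__main__":
    fw, _ = run_sample()
    print("\n".join(fw.log))
```

Rule order matters: the inbound catch-all deny sits after the two allows, so moving it to the top would silently block the web server. The last packet shows why the default matters as much as the rules: outbound port 8080 is not mentioned anywhere, and the only safe answer for traffic nobody thought about is to drop it.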


Tips for achieving network security:

1. Use strong authentication methods.

2. Keep your software up to date with the latest security patches.

3. Physically secure equipment and ports.

4. Establish cyber-security rules for your employees and make them aware of the important role they play in security.

5. Encrypt your data and require users to set BIOS passwords.



Scanners for securing Linux servers

This article covers a few good scanners for securing Linux servers.
Clam AntiVirus (ClamAV) is an open-source antivirus engine that detects many types of malicious software, including viruses. In the comparison the article cites, ClamAV ranked 13 out of 16 for Linux malware and viruses, beating McAfee, Comodo and F-Prot.
To install ClamAV on a Debian or Ubuntu system, open a terminal and run "sudo apt-get install clamav". You may also build ClamAV from source to benefit from better scanning performance.
Before scanning, update the signatures by running "sudo freshclam"; a scanner with stale signatures gives false confidence. Now we are ready to scan the system.
clamscan is a command-line tool which uses libclamav to scan files and/or directories for viruses. Unlike clamdscan, clamscan does not require a running clamd instance to function. Instead, clamscan creates a new engine and loads the virus database each time it is run, which is slow for frequent scans; for scheduled or on-access scanning, run clamd and use clamdscan instead.
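Scheduled scans are only useful if something reads their results. The following is an added example, not part of ClamAV: it builds a clamscan command line and parses the report into findings. The flags (-r for recursive, -i to print only infected files, --database to point at a signature directory), the "<path>: <signature> FOUND" report lines and the exit codes (0 clean, 1 infected, 2 error) are ClamAV's documented behaviour; the sample output below is constructed, and scan() itself needs ClamAV installed.

```python
"""Drive clamscan from a script and parse its report.

Added example, not part of ClamAV. The sample output is constructed to look
like a real "clamscan -r -i" run over a webroot.
"""
import re
import subprocess

FOUND_LINE = re.compile(r"^(?P<path>.+?): (?P<sig>\S+) FOUND$", re.MULTILINE)
SUMMARY_LINE = re.compile(r"^Infected files: (\d+)$", re.MULTILINE)
EXIT_MEANING = {0: "clean", 1: "infected", 2: "error"}


def scan_command(paths, database_dir=None):
    """clamscan invocation: recursive, print only infected files."""
    cmd = ["clamscan", "-r", "-i"]
    if database_dir:                       # e.g. a directory freshclam just updated
        cmd.append(f"--database={database_dir}")
    return cmd + list(paths)


def parse_report(stdout, exit_code):
    """Return (status, [(path, signature), ...]) from clamscan's output."""
    hits = [(m.group("path"), m.group("sig")) for m in FOUND_LINE.finditer(stdout)]
    status = EXIT_MEANING.get(exit_code, "unknown")
    m = SUMMARY_LINE.search(stdout)
    if m and int(m.group(1)) != len(hits):
        status = "inconsistent"            # truncated output: do not trust the hit list
    return status, hits


def scan(paths, database_dir=None):
    """Run clamscan (requires ClamAV installed) and parse the result."""
    proc = subprocess.run(scan_command(paths, database_dir),
                          capture_output=True, text=True)
    return parse_report(proc.stdout, proc.returncode)


# Constructed clamscan output; the first signature name is made up, the
# second is ClamAV's real name for the EICAR test file.
SAMPLE_OUTPUT = """\
/var/www/html/uploads/invoice.pdf.exe: Win.Trojan.Agent-1234567-0 FOUND
/var/www/html/uploads/eicar.com: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Known viruses: 8700000
Engine version: 1.0.0
Scanned directories: 12
Scanned files: 340
Infected files: 2
Data scanned: 55.00 MB
Time: 4.210 sec (0 m 4 s)
"""

if __name__ == "__main__":
    status, hits = parse_report(SAMPLE_OUTPUT, 1)
    print(status)
    for path, sig in hits:
        print(f"{sig}\t{path}")
```

The exit code, not the presence of FOUND lines, is what a cron job should branch on: exit 2 means part of the tree was not scanned (unreadable files, a missing database), and treating it as "clean" is the usual way scheduled scans go quiet. The summary cross-check catches output that was cut short before every hit was printed.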

Rootkits are a type of malware designed to remain hidden on your computer. While you might not notice them, they are active, and they give attackers persistent remote control of the machine. Because a rootkit can hide from tools running on the infected host, a rootkit scan is only trustworthy when run from a known-good environment, such as a rescue system, against the suspect disk.



Hardening an Ubuntu Server

This article covers the importance of passwords, user roles, console security and firewalls, all of which are imperative to protecting Linux servers.
Hardening an Ubuntu server is a critical step in any server setup procedure.
Any time a new server is brought up to host services, whether production, development, internal or external, the server's operating system must be made as secure as possible before it is exposed.


To make your Ubuntu Linux server secure:
1. Secure server connectivity.
2. Establish and use a secure (encrypted) connection for administration.
3. Use SSH key authentication and disable password logins over SSH.
4. Use a secure file transfer protocol (SFTP or SCP over SSH, not plain FTP).
5. Use TLS (SSL) certificates for services that face the network.
6. Use private networks and VPNs.
7. Monitor login attempts.
8. Manage users, removing accounts and privileges that are no longer needed.
9. Establish password requirements.
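Step 7 is where a hardened server starts paying back: the log shows whether steps 3 and 9 are actually holding. The following is an added example, not from the original article, of detection logic over SSH login records. The log lines are constructed in the format OpenSSH writes to /var/log/auth.log on Ubuntu, the addresses are from RFC 5737 documentation ranges, and the threshold is illustrative.

```python
"""Monitor SSH login attempts: flag sources with repeated failures, and
successes that contradict a key-only policy.

Added example, not from the original article. SAMPLE_LOG is constructed.
"""
import re
from collections import Counter, defaultdict

FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)
ACCEPTED = re.compile(
    r"sshd\[\d+\]: Accepted (?P<method>\w+) for (?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def summarise(lines):
    """Return (failures per ip, usernames tried per ip, accepted logins)."""
    failures = Counter()
    users_tried = defaultdict(set)
    accepted = []                          # (ip, user, method)
    for line in lines:
        if m := FAILED.search(line):
            failures[m["ip"]] += 1
            users_tried[m["ip"]].add(m["user"])
        elif m := ACCEPTED.search(line):
            accepted.append((m["ip"], m["user"], m["method"]))
    return failures, users_tried, accepted


def alerts(lines, threshold=5):
    """Human-readable findings, brute-force sources first."""
    failures, users_tried, accepted = summarise(lines)
    out = []
    for ip, n in failures.most_common():
        if n >= threshold:
            out.append(f"{ip}: {n} failed logins, {len(users_tried[ip])} usernames")
    for ip, user, method in accepted:
        # A success following failures from the same source deserves a look.
        if failures[ip] > 0:
            out.append(f"{ip}: {method} login as {user} after {failures[ip]} failures")
        # Step 3 above says password logins should be disabled entirely.
        if method == "password":
            out.append(f"{ip}: password login as {user} (expected key-only)")
    return out


# Constructed auth.log excerpt: a username-guessing run, a normal key login,
# and a password login that should not have been possible.
SAMPLE_LOG = [
    "Mar  3 08:01:12 web1 sshd[1201]: Failed password for invalid user admin from 203.0.113.45 port 51234 ssh2",
    "Mar  3 08:01:14 web1 sshd[1203]: Failed password for invalid user oracle from 203.0.113.45 port 51240 ssh2",
    "Mar  3 08:01:16 web1 sshd[1205]: Failed password for root from 203.0.113.45 port 51244 ssh2",
    "Mar  3 08:01:19 web1 sshd[1207]: Failed password for root from 203.0.113.45 port 51250 ssh2",
    "Mar  3 08:01:21 web1 sshd[1209]: Failed password for invalid user test from 203.0.113.45 port 51256 ssh2",
    "Mar  3 08:05:02 web1 sshd[1250]: Accepted publickey for deploy from 198.51.100.7 port 40022 ssh2: ED25519 SHA256:constructedfingerprint",
    "Mar  3 08:06:40 web1 sshd[1260]: Failed password for alice from 192.0.2.10 port 33001 ssh2",
    "Mar  3 08:06:55 web1 sshd[1262]: Accepted password for alice from 192.0.2.10 port 33004 ssh2",
]

if __name__ == "__main__":
    for line in alerts(SAMPLE_LOG):
        print(line)
```

The "password login ... (expected key-only)" finding is the important one: it means sshd is still accepting passwords, so step 3 was not completed, whatever the intention. Feed the same parser from journalctl output on systems where auth.log is not present; the sshd message format is the same.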



Kernel-memory-leaking Intel processor design flaw

This article covers the kernel-memory-leaking Intel processor design flaw, a defect in Intel x86-64 hardware that lets unprivileged user-space code read the contents of kernel memory (the flaw publicly known as Meltdown). Despite the name, it is an information-disclosure problem, not a memory leak in the programming sense: the fix is an operating-system update that isolates the kernel's page tables (KPTI) from user processes, and no change to application code can work around it. The rest of this article concerns memory leaks in the programming sense, that is, memory that a program allocates and never frees.

The simplest way to detect a memory leak is also the way you're most likely to find one: running out of memory.

That's also the worst way to discover a leak! Before you run out of memory and crash your application, you're likely to notice the system slowing down as it swaps.

A memory leak diminishes the performance of the computer by steadily reducing the amount of available memory.

Most memory leaks result in general software reliability problems, but if an attacker can intentionally trigger a leak (for example by sending the request that takes the leaking code path over and over), the attacker can launch a denial of service by crashing the program or exhausting the host's memory, or take advantage of other unexpected program behaviour that arises under low-memory conditions.


Memory leaks have two common and sometimes overlapping causes:

1. Error conditions and other exceptional circumstances, where the code path that releases the memory is skipped.

2. Confusion over which part of the program is responsible for freeing the memory.
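Cause 1 as working code, beside its fix. This is an added example, not from the original article: a request tracker that registers per-request state and unregisters it only on the success path, so every request that raises leaks an entry; the fixed version releases in a finally block. The measurement uses tracemalloc so the leak is visible long before the process runs out of memory. The class, the workload and the failure rate are constructed.

```python
"""A memory leak on the error path, and the fix.

Added example, not from the original article. RequestTracker and the
workload in run_workload are constructed for the demonstration.
"""
import tracemalloc


class RequestTracker:
    def __init__(self):
        self.inflight = {}        # request id -> buffer held while processing

    def handle_leaky(self, req_id, payload, fail):
        """BUG: the cleanup only runs when processing succeeds."""
        self.inflight[req_id] = bytearray(payload)
        self._process(payload, fail)          # may raise
        del self.inflight[req_id]             # skipped on exception: leak

    def handle_fixed(self, req_id, payload, fail):
        """Fix: release in finally, so every exit path frees the entry."""
        self.inflight[req_id] = bytearray(payload)
        try:
            self._process(payload, fail)
        finally:
            self.inflight.pop(req_id, None)

    @staticmethod
    def _process(payload, fail):
        if fail:
            raise ValueError("malformed request")
        return len(payload)


def run_workload(handler_name, requests=1000, fail_every=4, size=4096):
    """Feed one tracker a constructed workload in which every fail_every-th
    request raises; return (entries still registered, bytes still allocated)."""
    tracker = RequestTracker()
    handler = getattr(tracker, handler_name)
    tracemalloc.start()
    for i in range(requests):
        try:
            handler(i, b"x" * size, fail=(i % fail_every == 0))
        except ValueError:
            pass                               # the request failed; service continues
    current, _peak = tracemalloc.get_traced_memory()
    tracemalloc.stop()
    return len(tracker.inflight), current


if __name__ == "__main__":
    for name in ("handle_leaky", "handle_fixed"):
        left, nbytes = run_workload(name)
        print(f"{name}: {left} entries still registered, {nbytes} bytes retained")
```

The leaky handler retains one buffer per failed request, so an attacker who can make requests fail on demand controls how fast the process grows; the fixed handler retains nothing. The same pattern applies to file descriptors, sockets and database connections, which leak the same way on the same skipped cleanup line.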
