Questions tagged [hardening]
78 questions
0 votes, 1 answer
Lock down a user on a stand-alone Windows web server
I have a Windows Web Server 2008 R2 Core, which runs several web sites. There is no AD.
One of the web applications requires Windows Authentication for a single user.
I would like to restrict the user from doing anything except being used for IIS…

Peter Hahndorf
0 votes, 2 answers
Server is too optimized?
I have a Linux 4GB quad-core server w/ Apache that is used for this website. I notice when I go to SSH and type TOP to see load averages, they are usually around 0.80.
Now from what I understand, if you have a quad core, your load average is…

Greatestswordsman
0 votes, 3 answers
Different techniques to secure a server
I am trying to secure a Linux server, but I also want to know the types of vulnerabilities associated and the attacks that happen and how, so that I can completely understand securing a server.
0 votes, 2 answers
What should be the limit to use for iptables rate limiting for a webserver
I see on my webserver some logs as follows:
203.252.157.98 - :25:02 "GET //phpmyadmin/ HTTP/1.1" 404 393 "-" "Made by ZmEu @ WhiteHat Team - www.whitehat.ro"
203.252.157.98 - :25:03 "GET //phpMyAdmin/ HTTP/1.1" 404 394 "-" "Made by ZmEu @…

Registered User
0 votes, 0 answers
DISA STIG False Positives and Tailoring Profile
We currently use oscap to run security scans to validate configurations in DISA STIG for our Linux machines. We are seeing a lot of false positives and we are trying to figure out if there is a way to use a tailoring file to update the rule results…
0 votes, 0 answers
Why should I disable insecure SSH hostkeys if I never plan on using them?
A number of articles suggest removing insecure (broken) SSH key types in order to have a more secure server. In practice, if I only connect to the server with secure key types, why should I bother deleting insecure key types? What is a practical…

angryserver
0 votes, 0 answers
Printing on hardened Windows clients
I have inherited hardened clients with a lot of policies applied to them. There is an application running on these clients that should show the Windows printing dialog, but it does not pop up.
There are no policies regarding printers configured, and…

RagedVimClicker
0 votes, 2 answers
Network Security: Hardening IPv6 on Ubuntu Server?
I am familiar with hardening IPv4 on Ubuntu server, but when I use the same rules for IPv6 with ip6tables, the IPv6 connectivity is lost resulting in Destination unreachable: Address unreachable errors during ping. Could you please advise on how to…

lion
0 votes, 0 answers
Is it worth it to install and configure fail2ban for a Bind9 authoritative DNS server?
In our project infrastructure we have a nameserver, based on bind9. This nameserver is configured as primary and authoritative, so it is quite important. The question is, should I install and configure fail2ban for the purpose of protecting this DNS…

hancack
0 votes, 0 answers
OpenLDAP/ds-389 Secure Hardening Guide
I am in the process of setting up an OpenLDAP server (ds-389); however, I cannot find many good resources which define a security or hardening guide which can be applied to the configuration or schema of the directory.
Does anyone have any good…

sfalzon
0 votes, 1 answer
Block IIS GUI sites configuration change for hardening
I am trying to find the configuration settings for this hardening on Windows 2019:
Block IIS sites configuration change from the IIS GUI, even for administrators.
The sites web.config change should be possible using a text editor.
I have this…

jwalker
0 votes, 0 answers
Is this error an ancient “su – hostile” vulnerability in Debian 8 & 9? $ bash: cannot set terminal process group (-1): Inappropriate ioctl for device
Just received this error >>
bash: cannot set terminal process group (-1): Inappropriate ioctl for device
Then the disk partition went into read-only mode; also noticed gnome-software was communicating both upload and download over the…

Marc Cox
0 votes, 1 answer
iptables policy & saving in RHEL
As part of a "Hardening" task, I need to run
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
on our servers. Normally we would run this command and then run /sbin/iptables-save to implement the new policy. However, as soon…

searcot jabali
0 votes, 1 answer
I am trying to set up some auditd rules but getting error -F missing operation for auid
I am trying to set up the below rule in /etc/audit/audit.rules
-a always,exit -S unlink -S unlinkat -S rename -S renameat -F auid>= 1000 -F auid!=4294967295 -k delete
which didn't work, so I tried executing it directly from the command line as so…
user438713
-1 votes, 1 answer
When someone gains remote access to a server are there other ways to execute system commands other than the bash shell?
I am hardening a server and attempting to build a restrictive layer to a potential hacker even with root access to the server to do harm.
If a user gains root or user access to the shell via say ssh, is there any other way for a user to access…

I'm Root James