Server Auditing
  • Initial Check-up
  • Run rkhunter for a quick scan that the system doesn’t appear to be compromised
  • Run chkrootkit for a quick scan that the system doesn’t appear to be compromised
  • Scan all network ports and find out which ports are open
  • Clean up unwanted files from /tmp
  • Check /proc for hidden or unwanted processes
  • Disk (SMARTD) Health Check – Check for bad disk blocks in all partitions
  • Check for unsafe file permissions/Disable some executables
  • Check whether the kernel has vulnerabilities
  • Check the memory/CPU (system health check using systat)
  • Check if the partitions have enough free space and inodes
  • Check the size of the log files. It’s better that the log size remains in megabytes
  • Check logs and block suspect IPs
  • Check server load and partitions to perform maintenance activities
  • Scan for *.c or binary files (which have possible security issues)
  • Scan for Virus/Trojan Horses using ClamAV Tool Kit
  • Check TCP connections and make sure no unwanted IPs or ports are listed
  • Clean the mail queue by removing SPAM, frozen, nobody mails
  • Check Load on the server – Quick check of running processes using ps, netstat, lsof, top etc
  • Check Apache version
  • Check Server is installed with latest PHP version
  • Check APF version
  • Check server is installed with latest cPanel version
  • Check users having bash shell
  • Check cPanel is set to auto or manual updates, and ensure that cPanel is set to auto-update security issues
  • Check Backups are running properly (daily/monthly/weekly)
  • Cleansing of (/tmp, /var/tmp, /dev/shm, /home/cprestore, old backup archives that don't have any valid account on server)
  • Time/date check
  • Apache Secure and Optimization
  • MySQL renice for good performance
  • PHP optimization
  • WHM Tweaking
  • Sysctl hardening for preventing SYN/DoS attacks
  • Inetd Hardening
  • Host.conf Hardening
  • Hardening Pure-FTPd/ProFTPD
  • Updated rules for mod_security
  • Libsafe installation
  • Root Login Email alert
  • Install mod_evasive
  • Logcheck installation
  • Prevent the execution of spamming scripts
  • Update php-pear, gem modules
  • Inittab check
  • Logwatch installation
  • Identify the common issues and sources of system resource and bandwidth usage
  • Check dmesg output
  • Check history for root and su user
  • Check MySQL processes and error log
  • Check mount options
  • Remove insecure RPMs

