Ubuntu Server Safe.

Emanuele Gentili | Security | Sunday, August 17th, 2008

For several years I decided to reject the possibility of managing a hosting outside, mainly for security reasons.

Why pay an external hosting if we can not completely manage?
Where are the guarantees on server configuration and arrangements related to security?

It is true, there are virtual servers and dedicated servers, but who makes him to spend unnecessary money for a pseudo machine that can not always manage how we want?

So I decided to use an old Pentium 3 with Ubuntu Server (encrypted disks) and other serious side arrangements kernel and demons going to transfer logs on the external device.

The device that you can see in the picture, copy every few minutes some log files (which I set), analyzes at them independently and sends them both to paper Printer and via email to me (if they conform to the warning rules that I set).

A true server-safe!

Tools:

* Apache2 and Mod_Security
* GRSEC
* Chroots
* Open SSH Server (only with key login)
* Snort
* Knockd
* dm-crypt
and other stuff wrote by me. :)

6 Comments »

  1. What is the board on the table?

    Comment by Andrea Grandi — August 17, 2008 @ 8:49 pm

  2. This is a GNU/Linux Embedded board (hardware similar to Linksys WRT) that i use for logging.

    Comment by Emanuele Gentili — August 17, 2008 @ 8:59 pm

  3. I think that the whole printing out part is a bit overrated and honestly it think it’s a waste of paper. Why would you need that on paper for anyway? Just set up a loghost (or 2 if you see that fit) and do your archiving and analysing digitally and get yourself proper backup.

    Oh and what’s up with all the emphasised, bold words, do they bear particulair meaning?

    Comment by Blackhouse — August 19, 2008 @ 7:25 am

  4. Yeah it is.
    I have very restricted rules, and my system print always warning that i love see.

    Comment by Emanuele Gentili — August 19, 2008 @ 9:23 am

  5. mmm. I think that mechanisms as Tripwire without print it’s a similar solution. Why print ? i think that you use a laser printer :-D

    another thing: do you prefer to use grsec to Apparmor ?

    Comment by ienabellamy — August 30, 2008 @ 12:07 pm

  6. Printing out errors is a waste, especially since you’re already getting them e-mailed. I hope you keep that big ass CRT off all day :-D… not very environmentally friendly now are we? .. i kid i kid..

    Comment by cl0s — October 17, 2008 @ 5:39 pm

RSS feed for comments on this post. TrackBack URI

Leave a comment

Perchè questo sito usa Freesoftware? | contatti: emgent @ ubuntu.com | Skype My status

website counter