| APF (Advanced Policy Firewall) | Policy-based, reactive firewall. Works with iptables. |
| LSM (Linux Socket Monitor) | Monitors the system for newly opened ports and services. |
| Mail Source Tracking | Enable tracking of emails sent via PHP scripts. (cPanel only) |
| PMON (Network Socket Monitor) | Network monitor. Identifies rogue services. |
| SPRI (Priority Scheduler) | Schedule the priority of system processes. |
| BFD (Brute Force Detection) | Identifies login password cracking attempts. |
| SIM (System Integrity Monitor) | Monitors critical services, load, network, etc. |
| RPM Package Purge | Removal of unneeded software, such as print server, printer drivers, sound & USB drivers, portmapper, ypserv, etc. |
| Default User Purge | Removal of OS default users (adm, gopher, etc.) |
| Common permissions | Reset system permissions to secure defaults on directories and common binaries. |
| 'tmp' Path Hardening | Harden all temporary data paths (e.g. /tmp) with a special device file to enforce strict options that prevent the execution of compiled exploits. |
| Sysctl Hooks Configuration | Sysctl provides configuration options hooked into kernel functions to allow a user to modify options without a recompile; these options are tweaked to harden the TCP/IP stack against SYN flood attacks and other network abuses. |
| Services Hardening | Tweak & harden common services to minimize the information broadcast about software versions. |
| Time Synchronization | Sync local system clock to a time server. |
| Increased Logging | Modify the default syslog configuration to enable further logging options. |
| Host.conf | Reconfigure host.conf to protect against DNS lookup poisoning & spoofing. |
| TPE (trusted path execution) | Enforce trusted path execution; the exported PATH environment variable can only contain root-owned paths. |
| Setup 'iftop' | Top-like network traffic monitor. |
| Setup 'tcpdump' | Network packet sniffer/network analysis. |
| Setup 'libsafe' | Filter common software attacks. |
| Setup 'snort' | Network intrusion detection system. |
| Setup 'logwatch' | Log parsing and reporting utility. |
| Setup 'aiv' | Auto-inode validation; ensure sanity of binaries. |
| Backdoor inspection | Inspect the server and verify it is free of backdoor exploits. |
| SSH Server Hardening | Modify default sshd server config files to address common protocol & authentication issues. |
| Software Updates | Local inspection of installed software and retrieval of vendor & OS updates. |
| PHP open_basedir | Modify PHP setup to enforce a set of 'safe' execution paths. |