New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Automated server "protection" scripts people recommend?
pubcrawler
Banned
Getting my install routines documented here for some new installs.
Long time user of the DDoS Deflate script, which is simple as pie for basic protection.
What other must have automated scripts to monitor hack attempts, deal with bad traffic, etc. do you install on your servers typically?
Comments
CSF firewall, fail2ban, iptables, dosdeflate, SSHGuard
However some of those might need configuration.
I always run fail2ban. Interested to see what else others use, because while I'm a huge fan of just watching logs all day, that can't work forever.
Agree @jarland! That's why I posed the question.
Crowdsourcing from the minds on the front lines saves lots of time typically with stuff like this. I have logs coming out my ears and that's not really sustainable to live with and manually watch.
Try logwatch. It will summarise your logs and email you a report
I started using logwatch for a few servers, but soon I stopped looking at them because they where so boring and pretty much useless.
I'm running OSSEC for some time now, seems to work okay. It detects system changes mostly, but also blocks ssh attacks and the like. There are a lot of preconfigurations available for all kinds of programs.