Security Script Question

Discussion in 'Linux VPS/Dedicated - General' started by gameutopia, Jun 24, 2007.

  1. gameutopia

    gameutopia New Member

    Ok here is a securtiy script/program I recently came across. Supposed to support various flavors of red hat, fedora, and centos, with cpanel and plesk integration from what I understand and have read.
    http://servermonkeys.com/els.php

    I guess it's the easy way or more catered to the novice beginer that is looking for security enhancements.

    My question is has anyone ever heard of or used this particular script?

    And any comments on whether this would have any issues with the new cpanel 11 updates? I've already had way too many issues with cpanel 11 updates I really don't need anymore problems.

    Program/script is supposed to:
    Install RKHunter
    Install RKHunter Cronjob which emails a user-set email address nightly
    Install/update APF
    Add SM/TP monitoring IPs (view information on these in Orbit)
    Install/update BFD
    Install CHKROOTKIT
    Install CHKROOTKIT Cronjob which emails a user-set email address nightly
    Disable Telnet
    Force SSH Protocol 2
    Secure /tmp
    Secure /var/tmp
    Secure /dev/shm
    Install/update Zend Optimizer
    Install/update eAccelerator
    MySQL 4.0 and 4.1 Configuration Optimization (cPanel only)
    Upgrade MySQL to 4.1 (cPanel only)
    Tweak WHM Settings for security and stability
    Configure RNDC if not already done (cPanel only)
    Change SSH port (also configure APF as necessary)
    Add wheel user and disable direct root login over SSH
    Optimize MySQL tables
    Install/update Libsafe
    Install/update ImageMagick (from latest source)
    Uninstall LAuS
    Harden sysctl.conf
    Install Chirpy's Free Exim Dictionary Attack ACL
    And more!

    I checked the readme/install file and it looks like it will also install roundcube which I've been looking to do, but am not exactally sure how to do it. Thought this would help me install it the easy way.

    It also says you will be prompted for a y/n for each item whether you want to install or update yes or no. So that seems pretty convenient too.

    Just not sure if this is up to date and totally current or not.

    Anyone familiar or know's anything about this that could comment on it would be appreciated.
    Thanks.
    gameutopia
     
  2. NeilHerbert

    NeilHerbert YummyHost

    Thank you :) this is such a useful script. We deffinatly should have a how-to catagory on here with alot more posts like these!! I've used it since you posted it and had no problems at all with it. No conflicts with cPanel 11. If your worried about conflicts or problems that could arrise when you instal something, just make sure you renew your latest vps backup before you make any changes, so you have the option to rollback without losing much data.

    Neil
     
  3. ppc

    ppc Moderator

  4. gameutopia

    gameutopia New Member

    Thanks ppc for the tutorial some good info in there.

    And NeilHerbert what all did you install with this script just out of curiosity?

    I'm looking to install roundcube server wide for all accounts/users, as well as zend and accelerator. Mysql optimization would also be appealing if it worked well, and brute force detection.

    I already have apf and dos deflate running decent prior to this. Not sure about image magick. I'm not even sure what LAuS even is.

    I'm sure most of what is available in the sript is more useful than what I know.

    Other than that I've been looking into installing ffmpeg and ffmpeg php following the guide from hostgeekz, it seems simple enough.
    http://www.hostgeekz.com/guides/Other/70/Install_FFmpeg.htm
    http://www.hostgeekz.com/guides/Other/71/Install_FFmpeg-PHP.htm


    gameutopia
     
  5. NeilHerbert

    NeilHerbert YummyHost

    Well tbh I had installed pretty much everything I needed manually before I noticed this post, but have since tried many of the features. All ELS does is automate the installation so theres nothing nasty or anything that could probably go wrong with it. It also has a few uninstall and undo commands too if you get stuck. Though I've not really used it on my VPS, I have used it on alot of local linux boxes that I run at home and haven't had any problems with it.

    As I mentioned above, if your worried, just make sure you have updated your backup in Power Panel before you use it.

    If you run els --vps it will run through asking you if you would like to install -item- y/n? so you have the option to install it or not. The --vps option doesn't do anything thats not vps compatible. If you dunno what something does your probably better off not installing it anyway.

    If this is your first box I would really suggest you follow tutorials rather than using ELS as it seems to be more about rapid installation. Theres a good "security checklist" topic over on theplanet's forums, it's a little dated but it's still very useful http://forums.theplanet.com/index.php?showtopic=30333 and following the guide Josh posted will also help.

    Anyway good luck, hope I've been of some help.

    Neil
     

Share This Page