I went with PlatinumServerManagement.com for my first ever dedicated server. Very taunting experience and I don't recommend them. They load you server with old outdated software and pray on your lack of knowledge. They treat you like hay you only pay 30 dollars a month put up or shut up. They use this copy reply found all over the internet when they set up your first initial security hardening setup. They even copy the software they install. The following is a list of software and configurations that we have now installed to secure, optimize and harden your server. The following software is not resource intensive, therefore you will not see any decrease in performance. We've installed CHKRootKit, which is a program that looks for known signatures in trojaned system binaries, it basically detects if your system has been compomised. We've ran CHKRootKit on your system and the output returned clean. We've installed Rootkit Hunter, which is scanning tool to find most types of exploits (backdoors, suspicious files, md5 hash comparisons, and is over 99% accurate in detecting such exploits. We've scanned your system with the Rootkit Hunter and it reported that your system is clean. APF Firewall has been installed and configured to only allow traffic on the ports that are used. In addition, we've configured the Anti-DOS function in APF. This additional module helps mitigate and prevent certain types of DOS (denial of service) attacks to your server. A daily cron has been inserted to flush the firewall deny list. This prevents common problems associated with the deny list growing so huge, such as hanging upon bootup, slow down in server performance, etc. BFD (Brute Force Detection) has been installed. This program works real time in conjunction with APF firewall to block any IP Addresses of users that fail authentication more than 3 times in 10 minutes. Logwatch has been installed now. This program parses through your server's logs and reports to you via e-mail on a daily basis with tabulated information. SIM (System Integrity Monitor) has been installed on your server now, this software checks all services 24x7 and restarts them if they are down. An e-mail is dispatched a downed service is detected and restarted. Apache (HTTPD) web server has been optimized and secured. For extra http/php security, we can install mod_security if you would like, it is not installed by default because it can interfere with certain common functions. If you would like mod_security installed, just let us know and we'll be more than glad to install this for you. MySQL Server has been optimized to perform at it's best under the most common and standard environments. System Configuration File host.conf has been secured and hardened to prevent DNS lookup poisoning and also provide protection against spoofs. System Configuration File nsswitch.conf has been secured and hardened. We have also optimized it to perform DNS lookups more efficiently. System Configuration File sysctl.conf has been secured and hardened to help prevent the TCP/IP stack from syn-flood attacks. It is also configured to prevet other various and similar network abuse. All of your vulnerable directories (/tmp, /var/tmp, /dev/shm and /usr/local/apache/proxy) have been reviewed and are clean now. /tmp and /var/tmp have been hardened and secured to prevent the execution of malicious scripts The old archived logs files that have been rotated located in /var/log have been removed to free up space in the /var partition/directory. MyTOP has been installed. This is an administrative console based tool for monitoring MySQL threads/processes and performance. You may have to type "mysqladmin create test" before running mytop. We have setup a root login notification script and logger. This will send an e-mail to 'root' everytime someone logs into your server as root. Also, it will keep track of all logins in a history file located in /var/log/rootlogins SPRI has been installed now. This program changes the priority of different processes in accordance to their level of importance. You should see at least a 5-20% decrease in the average load level of your server on average. We have disabled the Mchat, Cgiecho, Cgiemail, Guestbook, Counter and Formmails from CPanel's system wide cgi-sys directory. The are the most commonly exploited scripts since they are in the same location on every CPanel server in the world. !!IMPORTANT!!: If any of your users are using any of those programs, they will no longer work. If you want us to re-enable them, just let us know. Unused programs have been disabled from the OS of your server. This reduces the chance of being compromised through software exploits on old or deprecated programs. MultiTail has been installed and gives you the ability to tail (view realtime activity) multiple log files simultaneously. PHPSysInfo has been installed. This is a GUI (graphical user interface) to your server's vital statistics. You can view it by going to Replace with your own server's IP Address. You will have to enter your root login information to gain access as it is protected under your root WHM login. Telnet has been disabled to prevent insecure transmissions of data and passwords, SSH must be used instead of Telnet, and functions the same way. SSH has been hardened by restricting the SSH Protocol to SSH 2. SSH will still function the same way, just more secure. If you would like your ssh port changed, or direct root login disabled, just let us know and we'll be more than glad to do this for you. If you or your datacenter monitors your server by icmp/ping, please let us know. Fileman (Filemanager developed by gossamer-threads.com) has been installed into WHM with root level permissions. This allows system root files to be edited in an emergency situation when SSH is not accessible. You can access Fileman by going to Replace with your own server's IP Address. You will have to enter your root login information to gain access as it is protected under your root WHM login. !!IMPORTANT!! This simulates SSH access, treat it as such, do not use it unless you are familiar with SSH. Moreover, do not execute any commands you are not fluent with. As with SSH, damage can be done if Fileman is not used properly. If you are unfamiliar with SSH, do NOT use this program. It should be left in case of such an emergency. Again, this file can only be accessed through WHM while being logged in as root. Shell Fork Bomb/Memory Hog Protection has been enabled. Fork Bomb/Memory Hog protection will prevent users logged into a shell (ssh/telnet) from using up all the resources on the server and causing a crash. Background Process Killer has been enabled to kill any of the following which are commonly recognized bad processes: BitchX, bnc, eggdrop, generic-sniffers, guardservices, ircd, psyBNC, ptlink and related services. A warning message has been created for the SSH login welcome screen. Any user that logs into your server via SSH, will see a message stating SSH is for authorized users only, and any unauthorized access will be reported to the law enforcement authorities. Your FTP server software has been upgraded and secured. We've ran and simulated a basic password scan hack attempt, the results have been emailed to 'root' and a copy of the results have been saved on your server at /root/security/passwordscanner.output If you would like any other security software installed, just let us know and we'll be more than glad to do so. * IMPORTANT * PLEASE READ * IMPORTANT * Can we guarantee your system will be hacker proof? No, nobody can! It is 100% impossible to make a server hacker proof, that's a fact. This is even more impossible when vulnerable freeware scripts are so commonly used (forums, bb's, guestbooks, formmails). Nevertheless, even multibillion dollar company's such as banks, government computers, credit card companies, have had server's compromised. We consider our security hardening procedures to make your system hacker resistant. The software we install secures the system without adversely effecting or hindering the normal operations of your server. Please note that over 99% of hacks come from insecure php scripts. These insecurities in php scripts come from the programming code, and therefore there is absolutely no way search to find "all" insecure scripts. Remote based hacks are extremely rare. If there is no weak passwords, and no insecure php scripts, you have an very rare chance of ever being hacked. So as long as you and your users keep all of your scripts up to date, and remove any unused scripts and remove any insecure scripts, then the chances of being hacked through the most common method is greatly reduced. If you feel your users do not know how to check or are not responsible enough to keep their scripts secure, we can secure php by enabling safemode (and other similar restrictions for php such as openbasedir restriction, disabling of commonly exploited functions, phpsuexec, etc.), and this will make php much more secure. However, the downside to doing this is that it will also interfere with a lot of scripts that don't work under these restrictions. If you would like this done, just let us know and we'll be more than glad to. liquidsupport.com on the other hand respect you no matter what. They always reply to your tickets with a courtesy Acknowledgment. They reply really really quick and there service is number one.

More...