|
Complete list of technical services: |
|
|
|
Firewall Protection: |
|
|
|
APF Configure both ingress and egress firewall
protection. |
|
BFD Detect and prevent brute force attacks. |
|
CPHulk Detect and prevent brute force attacks. |
|
|
|
Spam Prevention and Anti-Virus Protection: |
|
|
|
ClamAV Configure for e-mail scanning. Enable
auto-updating anti-virus definitions. |
|
Realtime Blackhole Lists (RBLs) Configure email
server with RBLs to prevent spam. |
Harden Mailserver Configuration Prevent against
detection of valid e-mail address through brute-force
attacks.
Also enable HELO verification and other sanity checks. |
|
Dictionary Attack Protection Prevent spammers
guessing email addresses on your server. |
|
Checksum-based Collaborative Filtering DCC and
Razor to detect mass-mails. |
|
OCR Technology Optical Character Recognition
engine to detect spam in email as images and PDF files. |
|
Custom rulesets Custom hand-selected
SpamAssassin and ClamAV rulesets to increase spam
detection. |
|
|
|
HTTP Intrusion and DOS Protection: |
|
|
|
Mod_security Install and configure mod_security
for Apache with auto-updating ruleset. |
|
Mod_evasive Install and configure DOS, DDOS,
and brute force detection and suppression for Apache. |
|
PHP SuHosin PHP Hardening through the Hardened
PHP Project. Available on request. |
|
|
|
Server Hardening: |
|
|
|
Disable IP Source Routing Enable protection
against IP source route attacks. |
|
Disable ICMP Redirect Acceptance Enable
protection against ICMP redirect attacks. |
|
Enable syncookie protection Enable protection
against TCP Syn Flood attacks. |
|
Enable ICMP rate-limiting Enable protection
against ICMP flood attacks. |
|
Harden host.conf Enable spoofing protection and
protection against DNS poisoning attacks. |
|
Harden Apache Prevent module and version
disclosure information. |
|
Harden SSH Allow only SSH version 2
connections. |
|
Harden Named Enable protection against DNS
recursion attacks. |
|
Ensure Filesystem Permissions Fix permission on
world writable directories and prevent against
directory-transversal attacks. |
|
Harden temporary directory and shared memory
locations Enforce noexec, nosuid on tmp and shm
mounts. |
|
Harden fetching utilities - Allows root-only
access of wget, curl, and other utilties often used in
web-based attacks. |
Remove unnecessary packages removes RPMS which
are not needed to prevent against potential
vulnerabilities
and free up disk space. |
|
Disable unused services Disable services which
are not used. |
|
Disable unneeded processes Disable processes
which are not needed for server operation. |
PAM Resource Hardening Protects against
exploits which use core dumps and against user resource
exhausting through
fork bombs and other shell attacks. |
|
PHP Hardening Enable OpenBaseDir protection. |
|
|
|
Server Optimization: |
|
|
|
Optimize TCP/IP stack Various changes to TCP/IP
stack to increase buffers and optimize for server
environment. |
|
PHP Configuration Enables widely used PHP
modules for maximum compatibility. |
|
MySQL Optimization Optimizes MySQL performance
for server configuration and enable query caching. |
|
PHP Caching Optimizes PHP performance through
EAccelerator script caching. |
|
FFMPEG and related software support FFMPEG,
Mencoder, flvtool2, and all related applications. |
|
Graphic Applications Installs widely-used
graphic applications NetPBM and ImageMagick. |
|
Monitoring Applications Installs MyTOP, Iptraf,
and Iftop utilities to easily monitor server
performance. |
|
|
|
Security Audits: |
|
|
|
Rootkit Hunter Nightly scan to detect system
intrusions. |
|
Chkrootkit Nightly scan to detect system
intrusions. |
|
Nobody Process Scanner Scans for unauthorized
"nobody" processes. |
26411111, 26472222, 26483333
Yms: economical_host
