Securing your RAQ550

From CobaltFAQs

Jump to: navigation, search

There are multiple additional steps you can peform to secure your Cobalt RAQ550. You can install the following applications:

1. Libsafe - http://www.research.avayalabs.com/project/libsafe/ Libsafe helps protect your RAQ from certain types of buffer overflows by preventing them at the time the appropriate library call is made. Just follow the installation instructions. The only conflict I found was that the iptables are not loaded correctly after booting. I added a cron job with the command /etc/rc.d/init.d/iptables reload &> /dev/null to reload the iptables.

2. Advanced Policy Firewall - http://www.rfxnetworks.com/apf.php Just follow the installation instructions. It is easy to customize the conf.apf to reflect the protocols you are using. Don't forget to include the port 444 to allow you to login remotely. Finally do not disable the debug mode until you have tested it or you may be locked out!

3. Brute Force Detection - http://www.rfxnetworks.com/bfd.php BFD works with APF above to identify potential hackers and prevent them from accessing your RAQ. It works by reviewing the SSH/FTP/POP3 logs and looking for login failures.

4. Mod_Security - http://www.modsecurity.org/ ModSecurity allows the web server to review requests made to your server before they are executed. So you can prevent unauthorized commands for PHP SQL injection, operating system commands, etc. Just follow the standard installation process for Apache 1.x.

While this is not a comprehensive list of security customizations, it does provide you with sophisticated tools that go beyond what Cobalt provides to secure your server.

--ChrisD 18:35, 15 May 2005 (UTC)

Personal tools