Harden server security, prevent spam, enhance server performance, and improve system computability of client's servers
Data security is a prime concern for many of our customers given the serious security threats that exists in today environment. You do not want to wake up one day to discover that your server being hacked, data being stolen or a trojan hidden inside your server. How about protection against massive data flooding, denial of services, hacking and update to the latest security patches ? Here is the complete solution for you.
HTTP Intrusion and DOS Protection:
installs and configures Apache modules mod_security and mod_evasive to prevent against web application and denial of service (DOS) attacks. Mod_security is a intrusion detection and prevention engine which provides protection against a wide range of attacks, both known and unknown, against web applications. We use a customized rule set which is updated daily to ensure your server is always protected.
We also install and configure mod_evasive for Apache. This module allows Apache to provide evasive action in the event of an HTTP DoS attack, DDoS attack or brute force attack. We install a customized rule set to minimize the risk of false positives..
Security Audits:
installs and configures intrusion detection software Rootkit Hunter and Chkrootkit and configures them to perform nightly security audits to ensure your server is safe. We also install proprietary scripts which prevent against unauthorized processes and allow us to dynamically check the security of your server as attack methods evolve.
Complete list of technical services:
Firewall Protection:
- APF - Configure both ingress and egress firewall protection.
- BFD - Detect and prevent brute force attacks.
- CPHulk - Detect and prevent brute force attacks.
Spam Prevention and Anti-Virus Protection:
- ClamAV - Configure for e-mail scanning. Enable auto-updating anti-virus definitions.
- Realtime Blackhole Lists (RBLs) - Configure email server with RBLs to prevent spam.
- Harden Mailserver Configuration - Prevent against detection of valid e-mail address through brute-force attacks.
- Dictionary Attack Protection - Prevent spammers guessing email addresses on your server.
- Custom rulesets - Custom hand-selected SpamAssassin and ClamAV rulesets to increase spam detection.
HTTP Intrusion and DOS Protection:
- Mod_security - Install and configure mod_security for Apache with auto-updating ruleset.
- Mod_evasive - Install and configure DOS, DDOS, and brute force detection and suppression for Apache.
- PHP SuHosin - PHP Hardening through the Hardened PHP Project. Available on request.
Server Hardening:
- Disable IP Source Routing - Enable protection against IP source route attacks.
- Disable ICMP Redirect Acceptance - Enable protection against ICMP redirect attacks.
- Enable syncookie protection - Enable protection against TCP Syn Flood attacks.
- Enable ICMP rate-limiting - Enable protection against ICMP flood attacks.
- Harden Apache - Prevent module and version disclosure information.
- Harden SSH - Allow only SSH version 2 connections.
- Harden Named - Enable protection against DNS recursion attacks.
- Ensure Filesystem Permissions - Fix permission on world writable directories and prevent against directory-transversal attacks.
- Harden temporary directory and shared memory locations - Enforce noexec, nosuid on tmp and shm mounts.
- Remove unnecessary packages - removes RPMS which are not needed to prevent against potential vulnerabilities and free up disk space.
- Disable unused services - Disable services which are not used.
- Disable unneeded processes - Disable processes which are not needed for server operation.
- PAM Resource Hardening - Protects against exploits which use core dumps and against user resource exhausting through fork bombs and other shell attacks.
- PHP Hardening - Enable OpenBaseDir protection.
Security Audits:
- Rootkit Hunter - Nightly scan to detect system intrusions.
- Chkrootkit - Nightly scan to detect system intrusions.
- Nobody Process Scanner - Scans for unauthorized "nobody" processes.
Pricing fee :
- One time Fee for security guard services : Rp. 350.000 / VPS Server
- Continued Managed Services : Rp. 250.000 / Month - Max 5 Critical Issue
Contact US For Information and technical detail
