Network and server security can be expensive, but not having good security is even more expensive. Fortunately, you can have the best of both worlds thanks to the many free and open source security solutions that are available to web hosting professionals and system administrators. The following are five that will help lock down your server and keep you informed when evildoers strike.
1. APF firewall – Highly customizable and easy to use, APF relies on the trusted iptables framework to deliver a secure firewall system for servers. With it, you can lock down your server in a matter of minutes.
2. ModSecurity – For websites with web applications, this is a must. A network firewall will not protect you from script intrusions, but ModSecurity might. It is a web application firewall that sits in between your web server and the web.
3. OSSEC – Trend Micro, the company responsible for several virus protection products, acquired and maintains the open source version of this intrusion detection system. It has tools like a rootkit detector that come in handy when you need to check under the bed for boogie men.
4. SELinux – Originally developed by the U.S. National Security Agency, Security-Enhanced Linux offers flexible Mandatory Access Control (MAC) and many other security features not available by default. Add this to your Linux installation for added protection.
5. Logwatch – Even with all of the tools listed above, there is still a chance you might get hit with an attack. Logwatch keeps you in the loop so you can monitor your server’s logs closely. This is good for both maintenance and security.
No solution is fool proof, but with the right collection of security tools at your disposal, you can make your server an impenetrable fortress.