Home > Website Builders > Cloud Servers

How to set a secure log server

Source: Internet
Author: User
Keywords Server security we nbsp;
Tags change clean up computer connect etc file find get
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

More and more hacker appear in the Internet, more and more experts appear in the case. How do you make sure that you can save a full log? A little bit of conceptual hacker know that the first thing to do when you get into the system is to clean up the log, and the easiest and most straightforward way to find the intrusion is to look at the system records file. Now let's talk about how to set up a secure log server.

Think about how you can change your log if intruders can't connect to your log server? Now let's learn how to set up a log server without IP.

Now, let's explain how to do three things with snort:

Stealth Sniffer

Stealth NIDS Porbe

Stealth Logger

All this is used on a server without IP. NIDs is the abbreviation of receptacle intrusion dectection server, i.e. intrusion detection server.

Why stealth?

Running any service on the Internet is dangerous. Whether it is HTTP or FTP, or Telnet, in short, there will be opportunities for hack intrusion. The uniqueness of stealth logger allows us to receive data without sending any information. This way the external computer (the hack computer) cannot change the information received by Loger Server at all. That is to say, to ensure the integrity of our information, as well as the original. In order to secure the log server, it is best not to connect the log server to the network. In other words, when you need to check something on the logger server, you need to go to the computer and turn on the screen. Instead of remote login in. However, if you must connect to the Internet, then use two interfaces. That is to say two network card, and notice, first, IP forwarding must close. The second is that the interface used to do stealth logger is a network card without IP, this card must not be with another IP network card under the same network.

Set:

First of course is to make sure that your NIC is installed correctly, and can be kernel caught. Then write the module required by the NIC to the/etc/modules.conf file.

Now let's set up a network interface with no IP.

Edit File/etc/sysconfig/network-scripts/ifcfg-eth0

Vim/etc/sysconfig/network-scripts/ifcfg-eth0

Device=eth0

Userctl=no

Onboot=yes

bootproto=

broadcast=

network=

netmask=

Ipaddr=

After archiving, use Ifconfig to active our eth0 interface.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
how to setup a secure server how to secure a web server how to secure a linux server how to setup a secure email server how to setup a secure ftp server how to setup a secure web server how to secure a server room
Related Article
Some suggestions for improving SQL execution efficiency
A collection of sophisticated SQL statement techniques
3 Steps to address SQL injection pitfalls
SQL Optimization Experience Summary 34
Search results sorted by matching fields

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

Hot Article
Hot Tags
computing conference access forum computer class data get http html applications
Popular Keywords
html add blank space register business logo register ssl certificate full site sign in sign up node js build cloud register register a subdomain in python network management system tutorial how to learn computer science by myself

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More