@Brett - That's fantastic. I am going to work on it over the next couple weeks and see how far I can get. As I am sure I have made evident, I'm like a blind man with a chainsaw here. :P How would that work with, say, Snort configured with iptables? I've always been one to be in the mindset of 'configure it yourself, or it won't do what you expect'. Is that not necessarily true when configuring and securing servers?

@AJ - I hear what you're saying about Ubuntu vs. Debian, but isn't Debian basically just the 'clean slate' where you can do anything, vs. Ubuntu Server where it comes with a lot pre-loaded? I have two gripes about Ubuntu Server... 1) It's quirky - it acts weird out of the box, in my limited experience... 2) It comes with software installed that I have no idea what it is necessarily, or how to configure/use it. :P But alas, that's really just a lack of experience.

@Rene - I see lots of people saying fail2ban is invaluable, and I have gotten it compiled (after realizing I can just apt-get it) and theoretically running, but the documentation is pretty limited. I have no idea what I'm doing and I haven't really found a good tutorial about it. I am still working on getting iptables configured properly. It's a bit trickier than I had originally imagined. When you all are working in your servers, do you ever use a GUI at all? (Don't hate me for being a total newbie :P ) And, that's not to say that I am uncomfortable in the console, just... well, see the blind man / chainsaw reference.

@Richard - That's an awesome tutorial. I am still working my way through it, but the information there is invaluable (albeit somewhat redundant and common sense) - but it's always good to cover even the most basic basics. Thanks!

@David - Hurray C! :D Can you two debaters tell me why Ubuntu Server is preferable over Debian? I'm still doing my head scratch here. And, any additional information regarding fail2ban would be fantastic! I have read quite a bit about it, and it seems awesome... but for me, I have no idea where to even begin in configuring it properly.

@Jim - Thank you for the advice. I am unclear as to how users for services are handled. Though, I guess it makes sense that if a service needs its own user, then logins shouldn't be allowed. But if that's the case, then how does one (the service) even run as said user? As far as the brute force or the ftp-eavesdrop, I highly doubt either. FTP was never set up for just that reason of being too insecure (not that it ultimately would have mattered).

@Mark - Thanks for those links. Once I get the server back up and running nicely, I am going to check both of those out further.

@Joe - What tools do you use to keep yourself safe? I am more interested in Debian vs. Ubuntu for the reason mentioned above - I have no idea what the differences are (I know Ubuntu is Debian-based, but what comes pre-loaded? How does that impact me?) and I really do have the mindset of do it yourself if you want it done right. Is that unreasonable thinking? As far as logs go, they're long gone. We didn't much care, we knew it happened and we have a fairly good idea how it happened. That being said, we just wiped (there are two drives, one boot and one that's exclusively media - should we be worried about the media drive?) and started over. Dave's server now has Ubuntu Server on it, where mine has Debian (still fighting with my router though). Theoretically, we can do identical things to them and achieve similar if not identical results, right?

@Rubin - I can pretty well understand that code (I really am not a complete noob here, I am pretty comfortable hack and slashing in a terminal) but I have no idea where it goes / how I would go about implementing it. Can you elaborate here for me?

@Dan - How does one go about modifying a user's shell access level? Your advice is great, I appreciate it a lot.

Thank you all for the responses, and I apologize for not getting back sooner. Took a hiatus to NH for a few days, but am looking forward to sinking my summer into getting a secure, stable server up and running (F@H anyone?). If anyone has any other tips or thoughts, or might even want to hold my hand for a while along the road to security, I would be greatly appreciative. :)

-Pat
