| Posted by Twista, 10-18-2009, 06:25 AM | | So, i been sitting here trying to figure out why im not receiving any CSF alert to my comcast.net email address. So, i just checked my logs and found the problem. But from what i read.. there is no easy way to get a PTR record. So, wtf do i do now?
|
| Posted by tanfwc, 10-18-2009, 06:36 AM | | Ask your provider to set the Rev DNS. It is very easy for them to get it done.
|
| Posted by Twista, 10-18-2009, 06:42 AM | | 1 more question as i dont wanna create a new thread.
When i change my SSH port from 22 to something else. Do i close the old 22 ports or leave them open? Is there anything else running on 22 by default? My port 22 is getting a good amount of hits showing from my iptable logs
Last edited by Twista; 10-18-2009 at 06:46 AM.
|
| Posted by Twista, 10-18-2009, 07:18 AM | | 2 more questions (cant edit my post) as i dont wanna create a new thread.
When i change my SSH port from 22 to something else. Do i close the old 22 ports or leave them open? Is there anything else running on 22 by default? My port 22 is getting a good amount of hits showing from my iptable logs
When someone says a machine is vulnerable 95% of the time because of outdated stuff/exploits with like php or mysql. (not talking about scripts such as vbulltin/invision forums)
Does running "yum update" from SSH solve those problems most of the time?
Sorry, im a linux nub.
|
| Posted by coeplicltd, 10-18-2009, 07:34 AM | | Well, if you are not using port 22 you may aswell close it.
yum update will just ensure the software installed by yum correctly, it won't update things not installed by yum iirc, it will not protect insecure configs or anything infact it will just give you the latest version ( which could potentially make things worse. )
|
| Posted by Sam Robertson, 10-18-2009, 07:35 AM | | Yes, no need to leave the port open if not in use. Make sure you open the new port in your firewall before changing it in sshd_config so that you don't get blocked out.
When you run yum update, It will update services/scripts that were installed by yum providing there is an updated version in the repo.
If you installed Apache/php/mysql from source, then it wont update them. You would need to compile them yourself.
If your server is compromised then yum update wont help, as the root kit/c99 will already be in place and you would need to manually clean it up/ reload, Updating services/scripts to the latest version won't make your server secure if you've already been compromised.
-Sam
|
| Posted by Twista, 10-18-2009, 06:09 PM | | thanks for the replies
|
| Posted by Twista, 10-19-2009, 06:33 AM | | Ok, now i have a new problem. I set the PTR up and everything is working correctly. My domain has never been flagged for spam, so is it because the DNS my provider just setup?
NOW im getting this error:
http://customer.comcast.com/Pages/FA...seoid=BL000110
2009-10-19 05:27:35 1MzpSg-0004pU-JF ** xxxxx@comcast.net F=<> R=lookuphost T=remote_smtp: SMTP error from remote mail server after initial connection: host mx2b.comcast.net [76.96.30.116]: 554 IMTA21.emeryville.ca.mail.comcast.net comcast 6xxxxxx0 found on one or more DNSBLs, see http://help.comcast.net/content/faq/BL000010
2009-10-19 05:27:35 1MzpSg-0004pU-JF Frozen (delivery error message)
Last edited by Twista; 10-19-2009 at 06:38 AM.
|
| Posted by StevenG, 10-20-2009, 03:34 AM | | Follow the instructions and link at http://customer.comcast.com/Pages/FA...seoid=BL000010 everything you need is there.
|
|
 Add to Favourites
 Print this Article
|
