Archive for 'Firewalls and Security'
Tutorial for securing your Linux server
Just surfing for fun today and came across a quick and easy tutorial for securing your Linux server. While not the end-all for security, it sure is a great start.
http://mysql-apache-php.com/basic-linux-security.htm
Posted: July 6th, 2008 under Linux, Firewalls and Security.
Comments: none
Where to get mod_security rules?
Mod_security is an awesome tool to scan query strings for malicious content…blocking it before it ever enters execution.
Here is one of the best resources I have ever found for getting mod_security rules. They have rules for both versions 1 and 2. These rules block hundreds of attempts on my server every day.
http://www.gotroot.com/downloads/ftp/mod_security/rules.conf
Posted: April 20th, 2008 under Linux, Firewalls and Security, Apache.
Comments: none
Upside Down Ternet
Here is an interesting way to annoy those people who think they just found an open wireless access point. With some creative iptables and Perl, things get really interesting.
http://www.ex-parrot.com/~pete/upside-down-ternet.html
Posted: February 5th, 2007 under Linux, Firewalls and Security.
Comments: none
How to disable DNS recursion on Linux
By disabling recursive lookups on your server, you will help in the never-ending battle against SPAM…
1. SSH Into your Server
2. Do a nano -w /etc/named.conf
3. Search for // query-source address * port 53;
4. Type Recursion no;
5. Save and Restart Bind
Posted: December 31st, 2006 under Linux, Firewalls and Security, WHM/cPanel.
Comments: none
monload2
There is a great utility called monload2 that will help to monitor and control processes on a Linux box. It can be found at http://www.dei.isep.ipp.pt/~andre/extern/monload2.html
From the site…
The monitor program - how it works
We first address the high load mad process problem, that was easy, from time to time we run the ps command to check […]
Posted: December 30th, 2006 under Linux, Firewalls and Security.
Comments: none
looking for space hogs?
Here are a few commands strung together to find all the files that are more than 1000000c in size.
What is 1000000c? That would be character (unbuffered) special
find /var -size +1000000c -exec ls -l {} \;
A variation on this is to find large files that have been accessed in the last day:
find /var -type f -size +2048b -mtime […]
Posted: December 2nd, 2006 under Linux, Firewalls and Security.
Comments: none
AT&T aka att.net abuse address
AT&T once had a server of mine incorrectly listed in their spam filter. It took hours to find, but finally I found an address to get removed from the list. In case you ever need it, here it is:
abuse_rbl@att.net
Posted: December 2nd, 2006 under Exim, Firewalls and Security.
Comments: none
rkhunter to the rescue
There is a tool that I highly recommend running on any Linux box to help detect problems and rootkits: rkhunter.
It is available via http://www.rootkit.nl/
What makes it a must have is that you can automate the running and updating of the package, and have it send you daily reports of what it finds.
to get started, […]
Posted: July 18th, 2006 under Linux, Firewalls and Security.
Comments: none
Anti-Leech with .htaccess
Anti-Leech tutorial.
If you need to prevent people from linking to your images from other web sites, this can be accomplished in Apache via a .htaccess file.
Leechers will just get an “X” instead of an image.
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://www\.yoursite\.com [NC]
RewriteCond %{HTTP_REFERER} !^http://yoursite\.com [NC]
# Refuse (403 Forbidden) image requests whose Referer is not this site
RewriteRule [^/]+\.(gif|jpg)$ - [F]
Note: The first line is only necessary if this is not […]
Posted: June 8th, 2006 under Linux, Firewalls and Security.
Comments: none
ROOT_PATH vulnerabilities.
In PHP there is a vulnerability involving the ROOT_PATH include. It basically allows, via poor coding and a well-constructed query string, a file to be passed to PHP from a remote server and its code executed. As an example, the included file could be used to send spam or phishing email by routing it […]
Posted: May 25th, 2006 under PHP, Linux, Firewalls and Security.
Comments: none