Easy Linux Security :UPDATE

From http://www.servermonkeys.com

ELS

ELS stands for Easy Linux Security. ELS takes many of the tasks performed by our Administrators and puts them into an easy-to-use program for anyone to use. It is released under the GNU/GPL so it is free to use.

This program is always being improved with new features and bugfixes, so be sure to keep it up to date. If you found a bug or would like an improvement, please let us know! This program was made and is maintained in Rich’s free time (which isn’t often anymore). If you really like this program, donations are more than welcome! Donations don’t have to be monetary. If you have experience with coding in Linux Shell or other languages, anything you can add to improve this program is very welcome.

Supported Operating Systems

* Red Hat Linux 9
* Red Hat Enterprise Linux 3, 4
* Fedora Core 1, 2, 3, 4
* CentOS 3, 4

What ELS Does

* Install RKHunter
* Install RKHunter Cronjob which emails a user-set email address nightly
* Install/update APF
* Add SM/TP monitoring IPs (view information on these in Orbit)
* Install/update BFD
* Install CHKROOTKIT
* Install CHKROOTKIT Cronjob which emails a user-set email address nightly
* Disable Telnet
* Force SSH Protocol 2
* Secure /tmp
* Secure /var/tmp
* Secure /dev/shm
* Install/update Zend Optimizer
* Install/update eAccelerator
* MySQL 4.0 and 4.1 Configuration Optimization (cPanel only)
* Upgrade MySQL to 4.1 (cPanel only)
* Tweak WHM Settings for security and stability
* Configure RNDC if not already done (cPanel only)
* Change SSH port (also configure APF as necessary)
* Add wheel user and disable direct root login over SSH
* Optimize MySQL tables
* Install/update Libsafe
* Install/update ImageMagick (from latest source)
* Uninstall LAuS
* Harden sysctl.conf
* Install Chirpy’s Free Exim Dictionary Attack ACL
* And more!

Install

To install ELS, simply run the following command as root:

wget --output-document=installer.sh http://servermonkeys.com/projects/els/installer.sh; chmod +x installer.sh; sh installer.sh

 
 
ELS specific commands:

--checkall : Check if everything is okay
--help : Print this help screen
--update : Update the ELS (this) program to the latest version
--version : Print the current ELS version

ELS usage:
--all : Install/update all supported software, improve security and optimize some programs and configurations
--apc : Install/Update APC (Alternative PHP Cache)
--apf : Install/Update APF Firewall
--bfd : Install/Update BFD (Brute Force Detection)
--chkrootkit : Install/Update CHKROOTKIT
--chkrootkitcron : Install a CHKROOTKIT cronjob (to run nightly)
--chmodfiles : Chmod dangerous files to root only
--cpvcheck : Check your control panel version
--disablephpfunc : Disable dangerous PHP functions
--disabletelnet : Disable telnet
--distrocheck : Check your OS version
--eaccelerator : Install/Update eAccelerator
--forcessh2 : Force SSH protocol 2
--hardensysctl : Hardening sysctl.conf
--imagemagick : Install/Update ImageMagick
--libsafe : Install/Update Libsafe
--mysqloptimizedb : Run a simple MySQL table optimization and repair command
--mysqlrenice : Renice MySQL to -20 for highest priority
--mytop : Install/Update MyTOP
--optimizemysqlconf : Optimize MySQL configuration file (/etc/my.cnf)
--rkhunter : Install/Update RKHunter
--rkhuntercron : Install a RKHunter cronjob (to run nightly)
--rootloginemail : Add an alert for root login to /root/.bash_profile (email must be provided for this option)
--securepartitions : Secure /tmp, /var/tmp, and /dev/shm partitions (whether in /etc/fstab or not)
--setupcrons : Setup RKHunter and CHKROOTKIT cronjobs as well as Root Login Alert
--sshport : Change the port the SSH deamon is listening on (also modifies APF config to use new port)
--suhosin : Install/Update suhosin
--up2dateconfig : Edit up2date configuration file to exclude some programs
--vps : Similiar to --all, but skips operations not compatable with Virtual Private Servers
--wheeluser : Add a wheel user and force no root login in the SSH deamon's configuration
--yumconfig : Edit yum configuration file to exclude some programs
--xcache : Install/Update XCache
--zendopt : Install/Update Zend Optimizer

Remove/Undo functions:
--enablephpfunc : Enable dangerous PHP functions
--enablephprg : Enable PHP register_globals
--removeapf : Remove APF firewall
--removebfd : Remove BFD (Brute Force Detection)
--rmchkrootkitcron : Remove a CHKROOTKIT cronjob
--rmrkhuntercron : Remove a RKHunter cronjob
--undomysqlrenice : Undo MySQL renice

DirectAdmin specific commands:
--updateda : Update DirectAdmin version

cPanel specific commands:
--eximdictatk : Install the Exim Dictionary Attack ACL for cPanel/WHM servers
--fantasticoinstall : Install the Fantastico files for cPanel/WHM servers
--fixrndc : Fix RNDC if not already configured on cPanel/WHM servers
--tweakcpsettings : Tweak cPanel's Tweak Settings file

 
 
Example usage:
[root@linux ~]# els --disablephpfunc

This feature can disable dangerous PHP functions.
Proceed? (y/n): y
Backing up current configuration file...
Successfully backed up as /usr/local/els/bakfiles/php.ini-disable-functions.bak!
Modifying configuration file, disable_functions found...
Edit successful!
Restarting httpd service...
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
Done. Now PHP has dangerous functions disabled.

 
 
The resulting disable_functions setting in php.ini is shown below (php -i prints the local value, then the master value):

[root@linux ~]# php -i | grep disable_functions
disable_functions => symlink,shell_exec,exec,proc_close,proc_open,popen,system,dl,passthru,escapeshellarg,escapeshellcmd => symlink,shell_exec,exec,proc_close,proc_open,popen,system,dl,passthru,escapeshellarg,escapeshellcmd
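A check for the result above, as an added example that is not part of the original post or of ELS: it parses the `php -i` line and reports which of the functions listed on this page are still enabled, matching names exactly so that `shell_exec` is not mistaken for `exec`. The helper name `missing_functions` is hypothetical and the `WEAK` line is constructed sample input.

```shell
#!/bin/sh
# Added example: audit the "disable_functions" line printed by `php -i`.

# Functions the page's output shows as disabled after `els --disablephpfunc`.
EXPECTED="symlink shell_exec exec proc_close proc_open popen system dl passthru escapeshellarg escapeshellcmd"

# Sample input: the line shown on the page (local value => master value).
LIST="symlink,shell_exec,exec,proc_close,proc_open,popen,system,dl,passthru,escapeshellarg,escapeshellcmd"
SAMPLE="disable_functions => $LIST => $LIST"
# Constructed sample: a partly hardened server where a substring match on
# "exec" or "popen" would wrongly pass because of shell_exec and proc_open.
WEAK="disable_functions => shell_exec,proc_open => no value"

# missing_functions LINE [local|master]  (hypothetical helper name)
# Prints the expected functions that are absent from the chosen column.
missing_functions() {
    line=$1
    column=${2:-local}
    case $column in
        local)  field=2 ;;
        master) field=3 ;;
        *) echo "unknown column: $column" >&2; return 2 ;;
    esac
    value=$(printf '%s\n' "$line" | awk -F' => ' -v f="$field" '{ print $f }')
    # php prints "no value" when the directive is empty.
    if [ "$value" = "no value" ]; then value=""; fi
    # Strip blanks and wrap in commas so each name is matched exactly.
    list=",$(printf '%s' "$value" | tr -d ' \t'),"
    missing=""
    for fn in $EXPECTED; do
        case $list in
            *,"$fn",*) ;;
            *) missing="$missing $fn" ;;
        esac
    done
    printf '%s\n' "${missing# }"
}

# On a live host: missing_functions "$(php -i | grep '^disable_functions')"
printf 'page sample, local : [%s]\n' "$(missing_functions "$SAMPLE" local)"
printf 'weak sample, local : [%s]\n' "$(missing_functions "$WEAK" local)"
printf 'weak sample, master: [%s]\n' "$(missing_functions "$WEAK" master)"
```

An empty result means every listed function is disabled in that column; any names printed are still callable from PHP.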

g33kadmin

I am a g33k, Linux blogger, developer, student and Tech Writer for Liquidweb.com/kb. My passion for all things tech drives my hunt for all the coolz. I often need a vacation after I get back from vacation....
