با سلام
با این اسکریپت میتونید به راحتی برنامه های امنیتی زیر رو روی سرور پیاده سازی کنید با امکان نصب و حذف و آپدیت راحت هر کدوم !
- Install RKHunter
- Install RKHunter Cronjob which emails a user-set email address nightly
- Install/update APF
- Install/update BFD
- Install CHKROOTKIT
- Install CHKROOTKIT Cronjob which emails a user-set email address nightly
- Disable Telnet
- Force SSH Protocol 2
- Secure /tmp
- Secure /var/tmp
- Secure /dev/shm
- Install/update Zend Optimizer
- Install/update eAccelerator
- MySQL 4.1 and 5.0 Configuration Optimization
- Upgrade MySQL to 5.0
- Tweak WHM Settings for security and stability
- Configure RNDC if not already done (cPanel only)
- Change SSH port (also configure APF as necessary)
- Add wheel user and disable direct root login over SSH
- Optimize MySQL tables
- Install/update Libsafe
- Install/update ImageMagick (from latest source)
- Uninstall LAuS
- Harden sysctl.conf
- Install Chirpy's Free Exim Dictionary Attack ACL (cPanel only)
- And more!
سیستم عامل های مورد پشتیبانی :
- Red Hat Linux 9
- Red Hat Enterprise Linux 3, 4, 5
- Fedora Core 1, 2, 3, 4, 5 and 6
- Fedora 7
- CentOS 3, 4, 5
- Debian 3.0, 3.1, 4.0
نصب :
حذف :
کد:
rm -fr /usr/local/els
Debian user: do not use (MySQL 4.1 and 5.0 Configuration Optimization)
این هم دستورات این برنامه مفید :
کد:
ELS specific commands:
--checkall : Check if everything is okay
--help : Print this help screen
--update : Update the ELS (this) program to the latest
: version
--version : Print the current ELS version
ELS usage:
--all : Install/update all supported software, improve
: security and optimize some programs and
: configurations
--apc : Install/Update APC (Alternative PHP Cache)
--apf : Install/Update APF Firewall
--bfd : Install/Update BFD (Brute Force Detection)
--chkrootkit : Install/Update CHKROOTKIT
--chkrootkitcron : Install a CHKROOTKIT cronjob (to run nightly)
--chmodfiles : Chmod dangerous files to root only
--cpvcheck : Check your control panel version
--disablephpfunc : Disable dangerous PHP functions
--disabletelnet : Disable telnet
--distrocheck : Check your OS version
--eaccelerator : Install/Update eAccelerator
--forcessh2 : Force SSH protocol 2
--hardensysctl : Hardening sysctl.conf
--imagemagick : Install/Update ImageMagick
--libsafe : Install/Update Libsafe
--mysqloptimizedb : Run a simple MySQL table optimization and repair command
--mysqlrenice : Renice MySQL to -20 for highest priority
--mytop : Install/Update MyTOP
--optimizemysqlconf : Optimize MySQL configuration file (/etc/my.cnf)
--rkhunter : Install/Update RKHunter
--rkhuntercron : Install a RKHunter cronjob (to run nightly)
--rootloginemail : Add an alert for root login to
: /root/.bash_profile (email must be provided
: for this option)
--securepartitions : Secure /tmp, /var/tmp, and /dev/shm partitions
: (whether in /etc/fstab or not)
--setupcrons : Setup RKHunter and CHKROOTKIT cronjobs as well
: as Root Login Alert
--sshport : Change the port the SSH deamon is listening on
: (also modifies APF config to use new port)
--suhosin : Install/Update suhosin
--up2dateconfig : Edit up2date configuration file to exclude some
: programs
--vps : Similiar to --all, but skips operations not
: compatable with Virtual Private Servers
--wheeluser : Add a wheel user and force no root login in the
: SSH deamon's configuration
--yumconfig : Edit yum configuration file to exclude some
: programs
--xcache : Install/Update XCache
--zendopt : Install/Update Zend Optimizer
Remove/Undo functions:
--enablephpfunc : Enable dangerous PHP functions
--enablephprg : Enable PHP register_globals
--removeapf : Remove APF firewall
--removebfd : Remove BFD (Brute Force Detection)
--rmchkrootkitcron : Remove a CHKROOTKIT cronjob
--rmrkhuntercron : Remove a RKHunter cronjob
--undomysqlrenice : Undo MySQL renice
DirectAdmin specific commands:
--updateda : Update DirectAdmin version
cPanel specific commands:
--eximdictatk : Install the Exim Dictionary Attack ACL for
: cPanel/WHM servers
--fantasticoinstall : Install the Fantastico files for cPanel/WHM
: servers
--fixrndc : Fix RNDC if not already configured on
: cPanel/WHM servers
--tweakcpsettings : Tweak cPanel's Tweak Settings file
امیدوارم مفید واقع شده باشه :D
با تشکر/.
شریفی