Purchase Linux CDs / DVDs / Flash Drives at OSDisc.com

Welcome to Our Community

While Linux.org has been around for a while, we recently changed management and had to purge most of the content (including users). If you signed up before April 23rd please sign up again. Thanks!

CSF/LFD, DenyHosts, Fail2Ban or other?

Discussion in 'Server Security' started by Rob, Nov 10, 2011.

?

Which add-on security tools do you use?

  1. CSF/LFD

    0 vote(s)
    0.0%
  2. DenyHosts

    0 vote(s)
    0.0%
  3. Fail2ban

    0 vote(s)
    0.0%
  4. cPHulk

    0 vote(s)
    0.0%
  5. iptables

    0 vote(s)
    0.0%
  6. Other

    0 vote(s)
    0.0%
Multiple votes are allowed.
  1. Rob

    Rob Guest

    Do you use security add-on tools like the configserver firewall, denyhosts, fail2ban, cphulk, etc..? If so, which one(s) and why? Have you tried the others?


     
  2. Rob

    Rob Guest

    To answer my own question ;)

    I'm using and have used all of these on different servers.. my favorite right now is probably csf/lfd, but a close second is denyhosts.
     
  3. tomfmason

    tomfmason Guest

    I use a combo: IPtables, Fail2ban, and Shorewall
     
  4. MustangV10

    MustangV10 Guest

    I use CSF/LFD. It's got tons of features for free software, and it's development cycle is pretty good too. Some new features added recently that I like.
     
  5. DaReaper

    DaReaper Guest

    I use CSF/LFD on my webserver. I think it has it's own set of iptables and rules. It's very reliable when your server is under attacks like Syncflood or a Dos attack.

    However i've disabled LFD from mailing me cause i get tons of emails saying that one or the other process is using too much memory. Well i've tried to check what's causing it and fixed most of them. Some were related to php-cgi eating up a lot of memory.

    I think the Kloxo panel uses it's own kind of security for failed login attempts. I don't know if it's fail2ban but i'm guessing it does the same function.

    Additionally I also use a Rootkit scanner - chkrootkit - http://www.chkrootkit.org/
     
  6. ehansen

    ehansen Guest

    I chose iptables and fail2ban because of their integration with each other, but I have to say thank you so much for mentioning CSF/LFD. I never heard of this system/tool before but I reviewed it a little bit and am going to load it into a VM tonight and see what this bad boy can do. Its amazing at how this very powerful tool can be free.
     
  7. Rob

    Rob Guest

    Careful.. We've noticed it sometimes will hang a xenserver vps w/cent 64 on it.. couldn't figure that one out..
     
  8. ehansen

    ehansen Guest

    It wouldn't be put out into production anyways until I figured it being a valid candidate, but I'll definitely keep that in mind, especially if I decide to use it as part of my security platform. Thanks for the heads up!
     
  9. Rob

    Rob Guest

    We had probably 10 production servers running it clustered and each would lock up about twice/month at different times.

    Most ppl never see this issue..
     
  10. ehansen

    ehansen Guest

    Did you ever find the cause of the issue? I remember when I was working at a hosting company around here and there was one XenServer account that would crash the entire server...their website was using up too much memory due to poor programming on their website.
     
  11. Rob

    Rob Guest

    Nope.. when we removed csf/lfd the lockups stopped. Nothing in the logs..
     
  12. ehansen

    ehansen Guest

    Hm, weird. Could've been the same issue, who knows, lol. I'll take it into consideration though, because my server is quite underpowered performance-wise (though it does meet my needs so I can't complain).
     
  13. Rob

    Rob Guest

    We updated xenserver - testing csf/lfd on a couple boxes again to see if anything changed..
     
  14. Debian.VN

    Debian.VN Guest

    This poll should not separate CSF/LFD with iptables, because CSF/LFD is being based on iptables.
     
  15. Rob

    Rob Guest

    Well, it is separated out because some just use standalone iptables rules though :)
     

Share This Page