Server Configuration Services
Do you require a server to be setup in a certain way? Allow us to correctly setup and configure a server at the kernel level and secure the server correctly.
EXIM Phishing Protection
Tired of spammers and phishers using and abusing your e-mail service before you have a chance to stop them? Let us make some modifications with our latest up-to-date protection list to EXIM which will block most phishers and they won't get your IPs blacklisted!
Order EXIM Phishing Protection Package
IonCube & ZendEncoder
Let us install and setup both IonCube and Zend on your server so that your clients can make full use of PHP applications.
Order IonCube & ZendEncoder Package
Let us install and setup CHKRootkit Hunter on your server which will monitor for rootkits and compromised files and send you e-mail logs.
Order CHKRootkit Package
Let us install and setup RKHunter on your server which will monitor for rootkits and compromised files and send you e-mail logs.
Order RKHunter Package
LES (Linux Environment Security)
Let us install and configure LES for maximum performance so that you get the MOST out of your server!
Linux Environment Security is intended as a facility to quickly & easily secure RedHat/RPM based environments. It does such by enforcing root-only permissions on system binaries (binaries that have no place being executed by normal users), enforcing root-only path traversal on system paths, enforcing immutable bit on essential rpm package contents (i.e: coreutils), and enforcing immutable bit on shell profile scripts.
The combined usage of all LES options provides an increased level of local environment security, with the goal of preventing environment based attacks. Such attacks would consist of compromised system binaries; tainting the $PATH variable to point to invalid paths where trojan/malicious binaries are located; alterations to user profile scripts to activate key loggers or process based hi-jacking; traversal exploration of the system paths etc; the possible attack trends are numerous hence the importance of hardening the local environment space.
Order LES (Linux Environment Security) Package
LSM (Linux Socket Monitor)
Let us install and configure LSM for maximum performance so that you get the MOST out of your server!
LSM is a network socket monitor; it is designed to track changes to Network sockets and Unix domain sockets, effectively a port monitor. It does this by a rather simple differential based comparison of current and new server sockets (Server Ports). A simple and configurable alerting system sends alerts whenever new ports activate. LSM will ignore services that are currently holding sockets open, events are only applicable when a 'new' socket (port) is created.
Order LSM (Linux Socket Monitor) Package
NSIV (Network Socket Inode Validation)
Let us install and configure NSIV for maximum performance so that you get the MOST out of your server!
Network socket inode validation is a rule based utility intended to aid in the validation of inodes against each LISTEN socket on a system. The nature for this app is such that rouge binaries can easily hijack a user, program privileges, or work space; and utilize such to kill the old service & execute a new service on the known port they crashed. The best known examples of this trend is 'tmp' path uploaded content via php remote include exploits; which is executed, crashes the web server and starts a rouge httpd process and other such items.
A simple structure of validation is used by NSIV to verify the integrity of services on a given system. The rules system has 3 required variables; the first being a declared PORT value for which the service is known to operate on, the second is the BIN value which is simply the path to your service executed binary and the third option is the RST value which points to an init script with restart flags.
The execution cycle of NSIV is very simple, first it determines the running process ID of your binary followed by the trusted inode (that which is associated to the BIN variable). Then, the PORT value is used to check that the binary holding said port open actually references back to the trusted inode, if it does not then we assume the service has been hijacked and the PID is killed / RST executed with optional e-mail alert dispatched.
Order NSIV (Network Socket Inode Validation) Package
PRM (Process Resource Monitor)
Let us install and configure PRM for maximum performance so that you get the MOST out of your server!
PRM monitors the process table on a given system and matches process id's with set resource limits in the configuration file or per-process based rules. Process id's that match or exceed the set limits are logged and killed; includes e-mail alerts, and kernel logging routine.
Order RM (Process Resource Monitor) Package
SIM (System Integrity Monitor)
Let us install and configure SIM for maximum performance so that you get the MOST out of your server!
SIM is a system and services monitor for 'SysVinit' systems. It is designed to be intuitive and modular in nature, and to provide a clean and informative status system. It does this by consistently verifying that services are online, load averages are in check, and log files are at reasonable sizes. Many other SIM modules sport different and in-depth features to bring a well rounded tool to your disposal to stop otherwise common issues daunting internet hosts.
Order SIM (System Integrity Monitor) Package
SPRI (System Priority)
Let us install and configure SPRI for maximum performance so that you get the MOST out of your server!
The problem? Linux has priority levels to thread all tasks at, these prio's are ranged from -20 to +19 (negative = high prio, positive = low prio) with 0 as the default for all processes. So this being the fact, with everything operating at prio 0 you got fights between services as to who gets what resources first.
Solution? Very simply, que different processes at different priority levels to effectively discipline the system on who gets what resource access first. SPRI (System Priority) is a utility designed to que different processes with different priority levels based on 3 class levels of importance (high,med,low). The average load level of a server can be substantially decreased by using spri, by as much as 20%, of course results may vary.
Order SPRI (System Priority) Package
Order OSSEC Package
Order nGinx Package
Order SNORT Package
Order MUNIN Package
- Fast Support Responses
- Tested and insured
- Always updated to latest threats
- Designed to protect
- Minimizes fails positives
- Less constraint problems
Never go down from web based attacks. Stay up and running securely.
Stop remaining in the back. Take the steps required to focus on your website or business and let us do the technical issues.
Feel at Home
We work to ensure everyone of our clients feels like they are at home and can have full trust with us.
As a client you will always be alerted to the newest threats and remain patched against them.