Hosting Security Services

• Mail Server Monitoring for Inbound & outbound Spamming
• Mail Server Reputation monitoring
• Intrusion detection to Server/Services
• Network Intrusion detection
• Integrity Monitoring of Security Tools
• Monitoring for Rootkits
• DNS vulnerability Monitoring
• Database Server Health & Integrity Monitoring
• Monitoring of versions of requested web applications – WP & Joomla
• Add-ons
• Real-time File Upload Scanning   

What is Server Security Monitoring and why is it called so?

• Server Security Monitoring goes beyond having to deliver real-time monitoring of its services but also involves performing analysis of security activity inside the server. Such that your server and its services are protected against internal as well as external attacks. The need to have uptime of the services is not enough, IT administrators should be able to foresee a service down. This can be done by monitoring server’s security in a much granullar level based on the different roles taken up by the server such as a Mail Server, DNS Server, Webserver , Database server etc.

Who should make use of this service and when?

• If you are in a situation were there is a constant need to watch over your companies server infrastructure and critical information assets from cyber threats. Were you need to involve security professionals to perform real time monitoring of the server, its services, resources and applications. If you would like to take the burden off your IT managers to perform the mudane task of manually monitor the services and critical applications. Then you should make use of this services. Its never too soon to use the services at the very least before you become another victim of cyber attack.

What is the intrusion detection mentioned here? How do you prevent it? What is the scope of the follow up actions you mentioned?

• We use combination of both network-based and host-based network intrution detection. This involves monitoring system events, logfiles, application activity, file changes and network-traffic. As we monitor your server real-time 24×7, our security admins are always closely watching and would be alerted first. Immediate steps would be taken to rectify the problem before your end-users are affected.

Can I choose to have only the services I want?

• Of course, you can customize the services you would like to monitor. In case your server does not act as a DNS Server, you can omit the DNS Vulnerability monitoring.

How is this different from traditional monitoring services?

• Traditional monitoring is about monitoring uptimes whereas our Security Monitoring service is focused on resource violations, abuse activities within the system, data integrity, detection and prevention of intrusions and attacks to network; thereby being able to maintain server performance and reputation. With Server Security Monitoring, in case an event occurs the attacker IP is blocked temporarily and with the information generated, we will confirm the attack. The incidents will be prioritised according to level and intensity of attacks while reactions for this is automated within the system ,thus limiting human intervention to those cases where attacks are notified as severe. False positives would not have any damaging effect as the block will be temporary and in case it was a legitimate connection, it can be resumed. It also ensures the end-user have constant availbility of the service. For example traditional monitoring notifies if you if Mail services that use SMTP, POP or IMAP is running or active. However with Security Monitoring it identifies if your server is affected by internal/external spamming such you can take immediate action to curb it before your mail server is blacklisted by a RBL and your end-users are unable to send emails.

Operating Systems Supported

• Linux – Cloudlinux OS, Debian 7 and 8 All versions, Ubuntu Server 14 and 15 , CentOS 7
• BSD – All Distros of OpenBSD, NetBSD, FreeBSD

Environment Support

• All Shared/Dedicated Hosting Environments

Hosting Control Panels Supported

• cPanel , Odin Plesk, DirectAdmin, Interworx, ISPConfig, and Standalone servers.

Security Tasks Included

• Update kernel to latest stable version and patch for vulnerabilities or exploits
• Disk Partitioning and enforcing Disk Quotas
• Configuring Package Managers and Repositories
• Disabling unused Protocols
• Eliminating unused services
• Minimizing Open Network Ports
• Securing Binaries
• Securing Key Files and Configuration Files
• Setting and Enforcing Password Policies
• Limiting Root/SuperUser privileges
• Warning Banners for enforcing security policies
• Implementing Firewall Protection
• Configuring TCPWrappers
• Enabling System Logging, Auditing and log rotation
• System Accounting using auditd
• Configuring Backups
• Implement Integrity checking Software
• Disabling X window system
• Implementing Intrusion Detection Systems
• Implementing Linux Socket Monitor
• Configuring SeLinux for enhanced Security
• Implementing AntiVirus Protection
• TCP/IP stack hardening in Linux kernel using sysctl
• Webserver Hardening – Apache 2.X, Nginx 1.X, Lighttpd 1.X & Litespeed, PHP, CGI, DDoS & Outbound SPAM protection
• Mail Server Hardening – Postfix, Exim, QMail, Courier, Dovecot, Zimbra
• Database Server Hardening – MySQL, PostGreSQL, MariaDB
• SSH Server Hardening
• FTP Server Hardening – ProFTPd, Pure-FTPd, VSFTPD
• Control Panel Hardening – Hosting Control Panel, Webmail, Statistics
• Enable Encryption for critical services

• Security Auditing & Scanning.
• Penetration Testing.
• Vulnerability Scanning.
• Malware Scanning.
• Vulnerabilities removal.
• Patching for Vulnerabilities.
• Upgrading Applications.
• Security Hardening.
• Web application Firewall.
• Intrusion Detection Systems.
• Real-time Monitoring.

Security Hardening for Layer 3, Layer 4 & Layer 7 Exploits & Attacks

• Cross-site scripting.
• SQL injection.
• Path disclosure.
• Denial-of-service attack.
• Arbitrary code execution.
• Memory corruption.
• Cross-site request forgery.
• Data breach (information disclosure).
• Arbitrary file inclusion.
• Local file inclusion.
• Remote file inclusion.
• Buffer overflow.
• Other, including code injection (PHP/JavaScript), etc.