• We had to restore from a backup today after a failed software update. Backup was from 0000 EDT and restored it at 0800 EDT so we lost about 8hrs. Today is 07/20/2024. More info here.

CSF/LFD, DenyHosts, Fail2Ban or other?

Which add-on security tools do you use?

  • CSF/LFD

    Votes: 0 0.0%
  • DenyHosts

    Votes: 0 0.0%
  • Fail2ban

    Votes: 0 0.0%
  • cPHulk

    Votes: 0 0.0%
  • iptables

    Votes: 0 0.0%
  • Other

    Votes: 0 0.0%

  • Total voters
    0
R

Rob

Guest
Do you use security add-on tools like the configserver firewall, denyhosts, fail2ban, cphulk, etc..? If so, which one(s) and why? Have you tried the others?
 


To answer my own question ;)

I'm using and have used all of these on different servers.. my favorite right now is probably csf/lfd, but a close second is denyhosts.
 
I use CSF/LFD. It's got tons of features for free software, and it's development cycle is pretty good too. Some new features added recently that I like.
 
I use CSF/LFD on my webserver. I think it has it's own set of iptables and rules. It's very reliable when your server is under attacks like Syncflood or a Dos attack.

However i've disabled LFD from mailing me cause i get tons of emails saying that one or the other process is using too much memory. Well i've tried to check what's causing it and fixed most of them. Some were related to php-cgi eating up a lot of memory.

I think the Kloxo panel uses it's own kind of security for failed login attempts. I don't know if it's fail2ban but i'm guessing it does the same function.

Additionally I also use a Rootkit scanner - chkrootkit - http://www.chkrootkit.org/
 
I chose iptables and fail2ban because of their integration with each other, but I have to say thank you so much for mentioning CSF/LFD. I never heard of this system/tool before but I reviewed it a little bit and am going to load it into a VM tonight and see what this bad boy can do. Its amazing at how this very powerful tool can be free.
 
Careful.. We've noticed it sometimes will hang a xenserver vps w/cent 64 on it.. couldn't figure that one out..
 
Careful.. We've noticed it sometimes will hang a xenserver vps w/cent 64 on it.. couldn't figure that one out..

It wouldn't be put out into production anyways until I figured it being a valid candidate, but I'll definitely keep that in mind, especially if I decide to use it as part of my security platform. Thanks for the heads up!
 
We had probably 10 production servers running it clustered and each would lock up about twice/month at different times.

Most ppl never see this issue..
 
We had probably 10 production servers running it clustered and each would lock up about twice/month at different times.

Most ppl never see this issue..

Did you ever find the cause of the issue? I remember when I was working at a hosting company around here and there was one XenServer account that would crash the entire server...their website was using up too much memory due to poor programming on their website.
 
Nope.. when we removed csf/lfd the lockups stopped. Nothing in the logs..
 
Nope.. when we removed csf/lfd the lockups stopped. Nothing in the logs..

Hm, weird. Could've been the same issue, who knows, lol. I'll take it into consideration though, because my server is quite underpowered performance-wise (though it does meet my needs so I can't complain).
 
We updated xenserver - testing csf/lfd on a couple boxes again to see if anything changed..
 
This poll should not separate CSF/LFD with iptables, because CSF/LFD is being based on iptables.
 


Top