Title: (jerb) Quick Debian/Drupal security audit for VPS Post by: frontlineassembly on April 20, 2011, 09:59:05 PM Normally I use OpenBSD/pf and am somewhat clueless when it comes to Debian iptables. I would be doing this on OpenBSD if there was a host that accepted bitcoins :)
Anybody want to audit my VPS for security? Will pay in BTC for a one-time audit to make sure I haven't left open giant security holes. It's a tor hidden service running drupal w/bitcoind. Calls to bitcoind are done localhost via HTTP (risk? should this be https? I can always generate a new cert) Will pay up front, give you id_rsa to ssh into the box. Just need a second opinion to double check iptables/Debian setup for security holes. If you had a handy debian backup script i'd pay for that too PM me with offer, thkx Title: Re: (jerb) Quick Debian/Drupal security audit for VPS Post by: Vasco on April 21, 2011, 09:28:47 AM PM'd :)
Title: Re: (jerb) Quick Debian/Drupal security audit for VPS Post by: greggles on April 23, 2011, 12:12:13 AM For Drupal I suggest installing and running http://drupal.org/project/security_review
It will tell you if you have made any of the most common and dangerous mistakes in your configuration of Drupal. |