CodingCREW
IT Services
Linux Toolkit
Tools for CodingCREW members. Below you will find links to tools and software that will help you in the field. Before use make sure you know how to use these tools.
"If In Doubt - ASK"
The tools on this page are Linux tools if you want MS Windows tools - Click here for Windows
LINUX TOOLS
OS
CentOS
Our Favorite Linux Distro
Ubuntu
Our 2nd favorite Linux Distro
DistroWatch.com
The place to find out about the latest
Linux distros. If it's hot it's listed here.
ADMINISTRATION TOOLS
WEBMIN
LAMP server administration package
VIRTUALMIN
Virtual server administration package.
DATABASE TOOLS
phpMyAdmin
Great package for administration of MySQL
databases. Good GUI and functionality.
There are some security issues with phpMyAdmin
but with proper installation and security this
package proves to be the best available we
have located to date.
MySQL
Database package we highly recommend.
Other Database Admin Tools
PROCESS / MONITORING TOOLS
HTOP
Interactive Linux Process Tool
This tool is hands down 100% better than standard "TOP"
HTOP is the #1 Interactive Process Tool
that the CodingCREW uses on ALL
Linux installations.
ATOP
Another Process Tool for Linux
MultiTail
MultiTail
Wikipedia
One of the most coolest tools for monitoring
the logs in real time from the command line.
MultiTail is a standard installation on ALL
CodingCREW
Linux boxes we use this
tool time and time again for monitoring logs.
SECURITY TOOLS
Fail2Ban
Fail2Ban
Wikipedia
Bans IP's that make to many errors
and have to many password failures
This package is great, you can find pre-defined
rules and jails on the Internet or you can
write your own. We use this package on all
CodingCREW
servers facing the Internet.
DenyHosts
DenyHosts
Wikipedia
Prevent SSH attacks on your box.
This package is good, but limited in the number
of services it can control and how it works.
Many CodingCREW server
installs run this
package in concert with other security tools.
SSHBlack
"Automatic Blacklist SSH attackers"
IDS SOFTWARE
AIDE
"Advanced Intrusion
Detection Environment"
A replacement for "TripWire" that the author
says exceeds the limitations of "TripWire".
For those looking for TripWire, it has gone
commercial and is now offered
here.
AFICK
"Another File Integrity Checker"
A security tool similar to the now commercial "TripWire"
OSSEC
OSSEC
Wikipedia
Currently Testing
Host Based Intrusion Detection system
EDITING TOOLS
Emacs
Extensible, customizable text editor
Emacs is the editor of choice for those
that have to perform serious editing.
Emacs has been successfully ported to
MS Windows and can be found
here.
NANO
Improved version of PICO editor
WEB SOFTWARE
Wordpress
#1 Blog Software
Crafty Syntax
Live Help Package
OpenGoo
Great Task Manager
phpBB
Good Forum software
Make sure you keep your phpBB installation
up to date with security patches and revision
releases to protect your installation.
eTICKET
Web based ticketing system.
AWStats
Great web statistical software.
DISCLAIMER:
All of the programs and/or software listed on this page are posted here for CodingCREW use. The CodingCREW makes no warranty expressed or implied for use by the general public.
Use the tools found
on this page at your own risk.
Fail2Ban
Fail2Ban rocks - it is a great package. On CentOS you can YUM this package in and with only basic changes to the conf file you can be up and running in minutes.
The standard Fail2Ban install comes with sample jails all ready set up for you. Searching on the Internet yields many custom jails authored by others to further increase the capabilities above and beyond the standard install.
Remember some installs of Apache do not support TCP Wrappers, so when you are enabling jails make sure that you read the descriptions and fully understand what the jail is doing. Remember to point the jail to monitor the correct log, different distros handle logs differently and place them in different locations.
The great thing about fail2ban is that you can monitor both error logs as well as access logs and your rules can apply equally to either.
We have authored many custom rules that we use to monitor access logs for bad guys seeking to find a way into our boxes.
When it comes to security we do not discriminate we block anyone and everyone that is attempting to do bad things.