server question
 

what exactly is expected in a "managed server" from a host....

all current patches and security holes closed???
(security holes closed - similar to what some peeps here offer as a lockdown/hardening server service?)

and these tasks are on a continual basis??

anything else provided that makes it a better choice instead of unmanaged??


I'm looking for a new dedicated server for a new project....

Think about hardware troubles to. A managed server with a broken harddrive will be up and running within a couple of hours. Unmanaged.. Well, you're fucked. :(

actually at Cyberwurx (i have some stuff there) hardware replacement is included in unmanaged servers....

thats why i'm asking for a little input on all this....

Hey Lester,

Here is a little run down of what we include in a fully managed dedicated server:
All is done on a continual basis and proactively...

Install and configure Firewall
Binary Hardening
PhpsysInfo
Version Checker or portaudit
PAM Resource Limiting
Formmail Checker
AIDE installation and configuration
WhoCompiled - Check for compiler usage
Logwatch installation and configuration
Kernel update with grsecurity or custom changes
SSH access limitations and hardening


Optional Services*, provided on a per server basis after initial setup
Optional Services, must be requested only by e-mailing [email protected]

Check and clean the mail queue
Exiscan installation and configuration
Hardisk checking tool
Mailmon - Sendmail monitor
ClamAV installation and configuration
Snort w/Acid configuration
Apf with antidos capability - Optional
Mod_security module for Apache - Optional
MRTG installation and configuration - Optional
MailScanner install and configuration ? Optional Checking for root kits Scan for root kit on the server
Check logs and block all suspect ips
Check server load and partitions to perform maintenance activities Check /proc for hidden or unwanted processes
Clean up unwanted files from /tmp
Scan server for *.c or binary files (which have possible security issues)
Scan for Trojan Horses
Set cron jobs to remove log files rotated up to 3 or upwards (space saving measures)
Check tcp connections and make sure no unwanted ips or ports are listed Scan and clean the mail queue for viruses and SPAM Watchmysql - mysql monitor Disabling Telnet Access Securing named and host configuration files
PSAD - Port Scan Detector
PRM - Process resource monitor
PMON - Network socket monitor BFD - Brute force detection
SIM - System Integrity Monitor
SPRI - System priority configuration Scan system logs and block suspect IPs

Hit me up with any questions...

Additionally performance tuning, if your site starts to do more traffic its the hosts responsibility to configure it accordingly to handle the larger load.

Also script/module/application installations are handled by a managed host.

Basically you dont need to do anything and you can concentrate on your project instead of spending time trying to figure something out on the server, also a managed host since they have hundreds of machines probably has best practice routines worked out that are quite stable and effective hence you're gaining their expertise for your own dedicated server.

This looks like an Italian menu..
I'll have the Snort w/Acid configuration with some bolognese please.. :helpme

In lamens terms, fully managed server, you still maintain root access, and you are proactively covered for all security, patches, hardenings and monitoring* (of your choice)

The is a much smaller line of *acid* to snort

with managed server you can store highly sensitive information on the server and you can run programs on the server that are not allowed or supported by shared web hosting providers

Be careful as the definitons managed, semi-managed and fully managed differ with every provider. Some include monitoring, kernek updates, patches and proactive intervention while others don't.

So true... thats what I'm finding out......

True for managed or not, as long as you have a back-up drive .... in the server.

I think you are confusing " dedicated " vs " virtual hosting " ....

everyone has different points of view about what fully managed means.
Real managed (the way I see it) its offered by only a few providers tho, none
of the ones that are spamming this board.
With a fully managed provider the only thing you should care about is running
your sites. You don't need root access because theres nothing you need
to do with it. A managed provider will keep your server updated without the
need for you to notice them of new vulnerabilities. They should make sure
your services are 100% up without you interfering. They should also be able
to fix any problem in a reasonable amount of time. Needless to say there needs
to be someone online 24/7 that answers you in less than 10 minutes.

Lester,

Great question and has been address quite well by the above post(s).

I would only add that your host should fully stock and be able to replace parts in your server in less then 15 minutes from notification 24/7. If they can not provide this service it may an indication that they are a reseller or do not staff the data center 24/7.

Regards,

Anthony