Hi everyone! Pardon me for being a noob here. Anyway, We finally got our 1st dedicated server yesterday(thanks TP!) and spend the whole night doing OS hardening. After following some threads re:OS hardening in this forum I run Vulnerability Scan Report in my server.

Report says: Number of security warnings found - 1
and it also found 4 security notes. All of them are from LOW to MEDIUM Risk factor.

My question is:
Am I just fine now given that its only a low risk factor? I'll be transferring my 10+ sites to this server from a VPS account and I want to make sure that the machine is running fine and safe.

Here's the summary of nessus scan report:
Warning: domain (53/udp)
Synopsis : The remote name server allows recursive queries to be performed
by the host running nessusd.
Nessus ID : 10539

Informational: domain (53/udp)
A DNS server is running on this port. If you do not use it, disable it.
Nessus ID : 11002

Informational: domain (53/udp)
The remote name server could be fingerprinted as being : ISC BIND 9.2.3
Nessus ID : 11951

Informational: domain (53/tcp)
Synopsis: It is possible to obtain the version number of the remote DNS server.
Nessus ID : 10028

Informational: ssh (22/tcp) Remote SSH version : SSH-2.0-OpenSSH_3.6.1p2
Remote SSH supported authentication : publickey,password,keyboard-interactive
Nessus ID : 10267

By the way, here's my server if this can help solve the problem:
SM SuperServer 2.8GHz P4
RHEL 3 with Virtuozzo with 10 cPanel
installed APF and BFD

I really appreciate any help.

Thanks!

You need to close open dns servers, try searching google for this, my site has a tutorial on it and hiding your bind version. Other than that you're good to go.

Thanks! I was able to close Open DNS Server using the tutorial you provided.

I went lucky today. I upgraded the kernel and performed /scripts/upcp. I then did a vulnerability scan under Orbit. The report came back showing completely zero note.