In this part we will talk about some general things that server owners should always look out for. First, apply all of the protections from the previous courses. Check permissions with special attention, to make sure that sensitive files that shouldn't be seen cannot be seen unless the user is root. Once those permissions are done, don't use root remotely, only locally and only if it's really necessary, and in most cases it's not. If you are offering shared hosting on your server, make sure that none of the users have access to other users' files and folders. If the software you are using for shared hosting makes every user root of their own space, make sure they are root only there and have absolutely no access to anything that doesn't belong to their space. Also, since I mentioned the root user: make sure you don't use the default password that comes with Linux, and don't use a simple password that is easy to brute-force or guess.

HOW TO KNOW IF YOU HAVE UNWANTED GUESTS?

Nowadays it's really hard to figure out if someone is already on your server, unless they do defacements or anything else that makes it obvious that they are there. But there are some things that will make your life a lot easier. What most attackers forget when they add their files is the creation date. They leave the original creation date, and that makes it easier for you to find their files. Check your files at least once a week and look for files or folders that have a new creation or editing date, since in some cases attackers won't upload their own files; instead they will edit your files and put their malicious code there.

I feel it's necessary to mention that you should also look for strange filenames that you don't remember creating. So check the creation/editing dates on files and also their names. An easier way is to make an automated script that builds a list of files with the creation date and filename included and saves it; later, when you run it again, it compares the current files with the saved state.

If you notice a sudden increase in bandwidth use, it's almost 100% sure that you have unwanted guests; probably someone is using you for their botnet, for DDoS attacks.

One of the most important things, and most people are lazy about it, is log checking; it can save you a lot of trouble. Unless your server is rooted, every change that happened on the server should be in the logs, so don't be lazy about checking them often.
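The automated file listing and comparison described above could look like the following. This is an added example, not code from the original tutorial; it goes one step beyond the text by also storing a SHA-256 digest per file, so an edit is still reported when the file's date has been reset. The script name `baseline.py`, its `save`/`check` arguments and the JSON baseline format are assumptions made for this example.

```python
import hashlib, json, os, stat, sys

def snapshot(root):
    """Map each file under root to its mtime, size and SHA-256 digest."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
                digest = None  # symlinks, FIFOs etc. are listed but not read
                if stat.S_ISREG(st.st_mode):
                    h = hashlib.sha256()
                    with open(path, "rb") as fh:
                        for chunk in iter(lambda: fh.read(65536), b""):
                            h.update(chunk)
                    digest = h.hexdigest()
            except OSError:
                continue  # vanished or unreadable mid-scan: left out of the snapshot
            state[os.path.relpath(path, root)] = {
                "mtime": int(st.st_mtime), "size": st.st_size, "sha256": digest}
    return state

def compare(old, new):
    """Return (added, removed, modified) path lists between two snapshots."""
    added = sorted(set(new) - set(old))
    removed = sorted(set(old) - set(new))
    modified = sorted(p for p in set(old) & set(new) if old[p] != new[p])
    return added, removed, modified

def main(argv):
    # Usage (assumed CLI): baseline.py save|check <directory> <baseline.json>
    mode, root, baseline = argv[1:4]
    current = snapshot(root)
    if mode == "save":
        with open(baseline, "w") as fh:
            json.dump(current, fh)
        return 0
    with open(baseline) as fh:
        added, removed, modified = compare(json.load(fh), current)
    for label, paths in (("NEW", added), ("MISSING", removed), ("CHANGED", modified)):
        for p in paths:
            print(label, p)
    return 1 if (added or removed or modified) else 0  # non-zero exit for cron alerts

if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Keep the baseline file outside the scanned directory, ideally on another machine, so that someone who can write to the server cannot also rewrite the saved state.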
