Fedora Core 4 - Server Security
I have a VPS account at a webhosting co. that runs Fedora Core 4. I am in the process of setting it up.
Last week the site was breeched after being up and running for only a couple of weeks. A non-authorized users was able to access one of the user accounts. The server is fine. My server was being used to attack another server. I'm not sure what caused the breech. I'm still investigating. My guess is that one of account passwords was compromised.
I'm looking for advice on how to manage the server to make sure this doesn't happen again. I'm guessing the intruders figured out the password by trying signin attempts until they cracked the password. They may have known somehow that the site was new and counted on that fact that some default passwords were still in place. I've changed the passwords.
So here are my questions. How do I setup Linux to only allow a minimal number of signon attempts before degrading the signon performance or inactivating a user account? At a minimum, I'd like to log signon attempts so I've got some idea who is trying to access my server. If that info is currently available, how to access it in the system.
What are the best practices for managing this risk?
Also, I've noticed on othe sites that passwords are automatically scrutinized to assess how secure they are to encourage users to create better passwords. How do I do something like that in linux?
Thank you in advance.