AWS ifcfg-eth0 settings
Hi, I have AWS set up with CPanel. I have been securing my server using CSF and I am down to the final score I'm looking to achieve. To get there I am looking to fix this issue:
Check for dhclient
dhclient appears to be running which suggests that the server is obtaining an IP address via DHCP. This can pose a security risk. You should configure static IP addresses for all ethernet controllers
I read that I need to edit this file, ifcfg-eth0. I am looking into this file and see that the contents of this file are in fact set to dhcp.
Currently it looks like:
DEVICE="eth0"
BOOTPROTO="dhcp"
ONBOOT="yes"
TYPE="Ethernet"
USERCTL="yes"
PEERDNS="yes"
IPV6INIT="no"
PERSISTENT_DHCLIENT="1"
So I'm assuming I should be looking to change this to a static IP.
What would be the correct setting for this file?
What will be the IPADDR / NETMASK?
Local IP and subnet for the VPC or Public IP (Elastic IP) / what netmask?
I just wanted to update: this issue has been a scary place to fix. Since nobody has been able to assist me on this, I tried experimenting with the setting hoping it would fix the issue. After reading this answer, I set the settings to:
DEVICE="eth0"
BOOTPROTO="none"
ONBOOT="yes"
TYPE="Ethernet"
USERCTL="yes"
PEERDNS="yes"
IPV6INIT="no"
PERSISTENT_DHCLIENT="1"
NETMASK="255.255.255.0"
IPADDR ="10.0.0.11"
I figured my Netmask was 255.255.255.0 through /sbin/ifconfig -a and set my IPADDR to my private IP 10.0.0.11, saved, rebooted, and crossed my fingers. The server was no longer accessible. No WHM access, no ssh access, I was petrified. Luckily I was working on the second DNSONLY server and all the domains were still up. I had to stop the server, detach and attach the volume to a new instance and revert these settings. I then detached and remounted to the original server and it all came back alive again. Anyway, if anybody knows the correct setting for this, please let me know.
Hello :) I suggest consulting with your data center or a system administrator with physical access to the server for help modifying your network configuration. As you mentioned, any slight error can result in a lack of access to the system. Thank you.
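A pre-flight check for the kind of edit discussed in this thread, added here as an example (it is not code from any poster, cPanel or CSF). It relies on two facts about ifcfg files: they are read by sourcing them as shell, so whitespace around `=` leaves the key unset, and a static configuration no longer receives a default route from a DHCP lease. The function name `check_ifcfg` and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: lint an ifcfg-style file before restarting networking on a
# host you can only reach over that interface. Prints one finding per line
# and returns non-zero if there were any. The body runs in a subshell.
check_ifcfg() (
    file=$1 findings=0 n=0 bootproto= ipaddr= mask= gateway=
    tab=$(printf '\t')
    note() { echo "$1"; findings=$((findings + 1)); }

    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        case $line in ''|'#'*) continue ;; esac
        key=${line%%=*} val=${line#*=}
        # ifcfg files are sourced by the shell: KEY ="v" is not an assignment.
        case $key in *" "|*"$tab")
            note "line $n: whitespace before '=', value is never set: $line"
            continue ;;
        esac
        case $val in " "*|"$tab"*)
            note "line $n: whitespace after '=', value is never set: $line"
            continue ;;
        esac
        val=${val#\"}; val=${val%\"}
        case $key in
            BOOTPROTO)      bootproto=$val ;;
            IPADDR)         ipaddr=$val ;;
            NETMASK|PREFIX) mask=$val ;;
            GATEWAY)        gateway=$val ;;
        esac
    done < "$file"

    case $bootproto in
        dhcp|bootp) ;;  # address, mask and default route come from the lease
        *)
            [ -n "$ipaddr" ]  || note "static config has no usable IPADDR"
            [ -n "$mask" ]    || note "static config has no NETMASK or PREFIX"
            [ -n "$gateway" ] || note "no GATEWAY here; confirm the default route is set elsewhere (e.g. /etc/sysconfig/network)"
            ;;
    esac
    [ "$findings" -eq 0 ]
)

# Constructed sample: a shortened copy of the static attempt posted above.
sample=$(mktemp)
printf '%s\n' 'DEVICE="eth0"' 'BOOTPROTO="none"' 'NETMASK="255.255.255.0"' \
    'IPADDR ="10.0.0.11"' > "$sample"
check_ifcfg "$sample" || echo "findings above: fix before restarting networking"
rm -f "$sample"
```

Run it against the edited file before rebooting or restarting the network service; a clean result only covers these checks and does not confirm that the address and gateway values are right for the VPC subnet.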