While searching for various server security methods during one of my many journeys through cyberspace I stumbled upon a very interesting document titled LAME or “Linux Administration Made Easy.”
The function of this document is to provide you with an easy guide that describes the day-to-day administration tasks and common maintenance issues facing a system administrator.
Chapter 12 in particular caught my attention because not only does it have very practical advice for Linux security but it can also be applied to security in the Windows OS environment as well. Chapter 12 is titled “Strategies for Keeping a Secure Server” which as you have probably guessed already has tips on maintaining the security of the server as well as the safety of your data.
One of the most commons sense precautions that any administrator can take against unwanted server access is to update system tools, applications, and the kernel or core of the operating system. This can be one of the most crucial if not the essential task in maintaining a server’s security and is often neglected. This is one of the most common causes of server break-ins and can be easily remedied by configuring automatic updates within the operating system or implementing an update process within your organization.
Another important step is to use smart password management especially where multiple users log on to a server remotely. Most often people do not consider the risks they face when implementing an application or webpage that is connected to the internet. There are a multitude of easily available programs that can quickly break a weak password especially if common words or phrases are used. A simple character length and complexity standard can be enough to prevent compromise and can be easily implemented on any OS.
Other good security practices such as restricting IP or host access to external services, turning off or uninstalling unneeded service, installing a security detection system such as Tripwire or OSSEC, and simply monitoring the integrity of your server with random security audits can provide you with tools to combat the looming risk of intrusion.
For more information please visit:
For more information on Security please visit the following:
Otava provides the secure, compliant hybrid cloud solutions demanded by service providers, channel partners and enterprise clients in compliance-sensitive industries. By actively aggregating best-of-breed cloud companies and investing in people, tools, and processes, Otava’s global footprint continues to expand. The company provides its customers in highly regulated disciplines with a clear path to transformation through its effective solutions and broad portfolio of hybrid cloud, data protection, disaster recovery, security and colocation services, all championed by an exceptional support team. Learn more at www.otava.com.