Posted 5.30.10
by wpadmin
Blog

Operating System Security Essentials

While searching for various server security methods during one of my many journeys through cyberspace I stumbled upon a very interesting document titled LAME  or “Linux Administration Made Easy.”

The function of this document is to provide you with an easy guide that describes the day-to-day administration tasks and common maintenance issues facing a system administrator.

Chapter 12 in particular caught my attention because not only does it have very practical advice for Linux security but it can also be applied to security in the Windows OS environment as well. Chapter 12 is titled “Strategies for Keeping a Secure Server” which as you have probably guessed already has tips on maintaining the security of the server as well as the safety of your data.

One of the most commons sense precautions that any administrator can take against unwanted server access is to update system tools, applications, and the kernel or core of the operating system. This can be one of the most crucial if not the essential task in maintaining a server’s security and is often neglected.  This is one of the most common causes of server break-ins and can be easily remedied by configuring automatic updates within the operating system or implementing an update process within your organization.

Another important step is to use smart password management especially where multiple users log on to a server remotely. Most often people do not consider the risks they face when implementing an application or webpage that is connected to the internet. There are a multitude of easily available programs that can quickly break a weak password especially if common words or phrases are used. A simple character length and complexity standard can be enough to prevent compromise and can be easily implemented on any OS.

Other good security practices such as restricting IP or host access to external services, turning off or uninstalling unneeded service, installing a security detection system such as Tripwire or OSSEC, and simply monitoring the integrity of your server with random security audits can provide you with tools to combat the looming risk of intrusion.

For more information please visit:

http://tldp.org/LDP/lame/LAME/linux-admin-made-easy/index.html

For more information on Security please visit the following:

http://tldp.org/LDP/lame/LAME/linux-admin-made-easy/security.html

  • This field is for validation purposes and should be left unchanged.