05-25-10 | Blog Post
Hi, my name is Christopher Schmitt and I am a part of Online Tech’s Operations Team.
Since the beginning of Information Technology, a Systems Administrator has usually had one question in mind: how secure are my servers? It is a thought that tends to stay in the back of a Systems Administrator’s mind. There are many different approaches to security. Here’s a quick list of recommended security measures you can take to have some peace of mind when dealing with security. I’d also suggest you take a look at one of my colleague’s posts that deals with firewall rules.
1. Software Updates – Depending on what you are using your server for, you may want to look at automatic updates. This will ensure that you are closing any open security flaws that may have been there before. Another set of updates which is usually overlooked is Open Source. There usually isn’t any central kind of alerting when there is a new release, so this could be a bit difficult. It’s always great to stay on top of these updates since the source code is available for download. While Open Source is great for product maintenance and new features, it can also lead to vulnerabilities being found quickly.
2. Authentication Audits – It may be a good idea to make sure your servers are auditing every logon/logoff activity that comes through. This is one of the first things that another company or law enforcement will look at if you were ever attacked. If you are running Windows Server, you’re all set! Security Audits are turned on by default. If you are running a distribution of Linux, you may want to double check that this is enabled and working.
3. Stop Brute Forcing – If you are running an FTP server that is open to the public, you may want to pay close attention to this. FTP by nature is very insecure. It’s quite easy to brute force, and this is often overlooked in Windows IIS. Most FTP servers support a feature that will automatically ban an IP for X amount of hours if it fails, say, 5 times. This is a crucial step in mitigating any brute force attempts. There are also some software packages that can be installed to detect brute forcing over SSH. Feel free to read more about this at http://denyhosts.sourceforge.net/
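To make the ban-after-5-failures idea concrete, here is an added example (not from the original post and not DenyHosts' code) that scans SSH log lines and works out which IPs to ban and until when. The OpenSSH-style log format, the 10-minute counting window, the 2-hour ban standing in for "X", and the function name `find_bans` are assumptions; the sample lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in OpenSSH syslog style (documentation-range IPs).
SAMPLE_LOG = """\
May 25 10:00:01 host sshd[1001]: Failed password for root from 203.0.113.7 port 40001 ssh2
May 25 10:00:03 host sshd[1001]: Failed password for invalid user admin from 203.0.113.7 port 40002 ssh2
May 25 10:00:05 host sshd[1002]: Accepted password for alice from 198.51.100.4 port 51000 ssh2
May 25 10:00:06 host sshd[1001]: Failed password for root from 203.0.113.7 port 40003 ssh2
May 25 10:00:09 host sshd[1003]: Failed password for alice from 198.51.100.4 port 51001 ssh2
May 25 10:00:10 host sshd[1001]: Failed password for invalid user test from 203.0.113.7 port 40004 ssh2
May 25 10:00:12 host sshd[1001]: Failed password for root from 203.0.113.7 port 40005 ssh2
May 25 10:00:13 host sshd[1001]: Failed password for root from 203.0.113.7 port 40006 ssh2
"""

FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (?P<ip>\S+) port \d+"
)

def find_bans(log_text, max_failures=5, window=timedelta(minutes=10),
              ban_for=timedelta(hours=2), year=2010):
    """Return {ip: ban_expiry} for IPs that reach max_failures within window."""
    recent = defaultdict(deque)  # ip -> timestamps of failures still in window
    bans = {}
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue  # successful logins and unrelated lines are not counted
        # Syslog timestamps carry no year, so the caller supplies one.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        ip = m["ip"]
        if ip in bans and ts < bans[ip]:
            continue  # ban still active; later attempts do not extend it
        q = recent[ip]
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()  # forget failures older than the counting window
        if len(q) >= max_failures:
            bans[ip] = ts + ban_for
            q.clear()
    return bans

if __name__ == "__main__":
    for ip, until in find_bans(SAMPLE_LOG).items():
        print(f"ban {ip} until {until}")
```

The single failed login from 198.51.100.4 stays under the threshold, so a user who mistypes a password once is not locked out.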