Posted by Peter on February 26, 2007, 11:01 am
Hi all,
I'm new to computer security. Can you show me some starting point of
securing a server? What I read on most sites about security is that
updating the system is one of the best practices. However, I find it quite
hard to do that on a daily basis, especially when you have a server with
little or zero support such as Fedora 1/2/3 or Win2K. I also heard about
IDS but most IDS systems require experience of the admin to set up a
good database, which is impossible for a beginner like me. How secure is a
firewall with good policy?
In case my server was intruded, what is the procedure to stop the attack,
secure the system and rescue the data?
If possible, please refer me to sources where I can learn more. I want
something detailed, not just general guidelines that can be found by Google.
Thanks a lot.
--
Peter - A newbie.
Posted by Todd H. on February 26, 2007, 11:43 am
> Hi all,
> I'm new to computer security. Can you show me some starting point of
> securing a server? What I read on most sites about security is that
> updating the system is one of the best practices. However, I find it quite
> hard to do that on a daily basis, especially when you have a server with
> little or zero support such as Fedora 1/2/3 or Win2K. I also heard about
> IDS but most IDS systems require experience of the admin to set up a
> good database, which is impossible for a beginner like me. How secure is a
> firewall with good policy?
> In case my server was intruded, what is the procedure to stop the attack,
> secure the system and rescue the data?
> If possible, please refer me to sources where I can learn more. I want
> something detailed, not just general guidelines that can be found by
> Google.
You're dealing with big topics.
Win2k server:
http://www.sans.org/reading_room/whitepapers/win2k/189.php
http://www.microsoft.com/downloads/details.aspx?FamilyID=15E83186-A2C8-4C8F-A9D0-A0201F639A56&DisplayLang=en
http://msdn.microsoft.com/library/en-us/dnnetsec/html/HTBaseAnal.asp
That last link is to a reasonably useful tool that'll point out
glaring weaknesses. It has a very unfortunate asp file name though.
Fedora 1 or 2
dunno... they're old. Consider upgrading.
IDS's are good tools. They do require setup and admin. Snort is a
very popular free one. It's imperative to keep up with updates
though.
A firewall only secures your border. Are you running web servers?
How many internal users are there? Are there provisions for external
access for employees?
No time to say more at this point, but if you can post what OS your
server is perhaps folks have a favorite, detailed hardening guide they
can point you to.
--
Todd H.
http://www.toddh.net/
Posted by left_coast on February 26, 2007, 11:59 am
Peter wrote:
> Hi all,
> I'm new to computer security. Can you show me some starting point of
> securing a server? What I read on most sites about security is that
> updating the system is one of the best practices. However, I find it quite
> hard to do that on a daily basis, especially when you have a server with
> little or zero support such as Fedora 1/2/3 or Win2K. I also heard about
> IDS but most IDS systems require experience of the admin to set up a
> good database, which is impossible for a beginner like me. How secure is a
> firewall with good policy?
> In case my server was intruded, what is the procedure to stop the attack,
> secure the system and rescue the data?
> If possible, please refer me to sources where I can learn more. I want
> something detailed, not just general guidelines that can be found by
> Google.
>
> Thanks a lot.
>
Security is an ongoing process, not a final state. Beware of people claiming
simple solutions. The best security tool is EDUCATION. Educate yourself
about computer security by reading books and research. EDUCATE your users
as to how to use a computer in secure ways. The more you know about system
security, the better you will be at securing a system.
That said, security should be based on the need. What the NSA and CIA would
install for security on their most secure servers would probably not work
for the computer system at your local library. To know "How to secure a
server" one needs to assess the best balance between security and
accessibility required.
Posted by Lew Pitcher on February 26, 2007, 12:04 pm
> Hi all,
> I'm new to computer security. Can you show me some starting point of
> securing a server?
[snip]
Well, you could read "Securing & Optimizing Linux: The Ultimate
Solution", available at the Linux Documentation Project (http://tldp.org/)
Download
http://tldp.org/LDP/solrhe/Securing-Optimizing-Linux-The-Ultimate-Solution-v2.0.pdf
and
http://tldp.org/LDP/solrhe/floppy-2.0.tgz
or buy the book :-)
HTH
--
Lew
Posted by Colin McKinnon on February 26, 2007, 5:51 pm
Peter wrote:
> Hi all,
> I'm new to computer security. Can you show me some starting point of
> securing a server?
A good starting point is a degree in computer science and about 5 years field
experience setting up and managing systems.
Go read a few books, mosey over to Sans.org/cert.org and read some of their
free whitepapers. Check out Brainbench for cheap/free exams (no point in
reading the books unless you can prove you understand them). There's a lot
of introductory level stuff on Wikipedia - but be wary of the value of
information published there. Another good site is www.securityfocus.com
You'll get lots of opinions on Usenet, and occasionally some good advice;
if you had supplied about 100 words on what it is you are trying to secure
then you might have got some specific advice here. Are you ready to
understand it?
> What I read on most sites about security is that
> updating the system is one of the best practices.
Almost; keeping up to date in a managed fashion with the supplied patches is
good practice.
> However, I find it quite
> hard to do that on a daily basis, especially when you have a server with
> little or zero support such as Fedora 1/2/3 or Win2K.
I can't tell you if you should be that up to date from the information
you've supplied.
> I also heard about
> IDS but most IDS systems require experience of the admin to set up a
> good database, which is impossible for a beginner like me.
No, some IDS are hard to set up, some less so. The level of ability on the
part of the admin and how they apply those skills determines the security
of the system.
> How secure is a
> firewall with good policy?
It depends on the context. Is the policy appropriate and complete? Is it
implemented properly?
> In case my server was intruded, what is the procedure to stop the attack,
> secure the system and rescue the data?
Is this a troll? If not, it's time to call Ghostbusters :(
C.