Always Use Protection

May 6, 2009

When it comes to managing a server remember you can never be to careful. In this day and age we face a lot of things that can damage and even take a server to its knees here’s a few things for everyone to consider.

Anti-virus:

This is a must on systems open to the net now days. There are always nasty little things floating around looking to take your server apart from the OS out. For windows servers there are a multitude of choices and I’ll just mention a few that can help protect your goods. You can use several programs such as avast (which offers a free edition), ClamWin (open source), Kaspersky , and Panda just to name a few. I would suggest before installing any of these you check links such as http://en.wikipedia.org/wiki/List_of_antivirus_software to name one that provides a list of several choices and their compatibility. You may also want to read reviews that compare the available options and give you an idea of what to expect from them. This will allow you to make an informed choice on which one works best for you. Now with linux there are also several options for this including the well known clamav which from personal experience works really well and can be installed on a variety of linux disro’s(aka distributions). It’s very simple to use and may prevent you from headache later on down the road.

Firewalls:

Firewalls are a double edged sword but are most defiantly needed. When it comes to firewalls you can protect yourself from quite a bit of headache however if setup to strict you can block positive traffic and even yourself from reaching your server but in the long run a defiant way to help protect your server from unwanted visitors. A lot of firewalls also have modules and add-ons that further assist in protecting you and securing your server. If in doubt it’s always a good idea to have a security company do an audit and even a security hardening session with your server to make sure you are protected the best way possible.

Passwords:

This is probably one of the most important this you can do to secure your server. Use strong passwords (no using password or jello is not a secure password even if it is in all caps) and if you are worried about not being able to come up with a secure one there are several password generators on the web that can come up with secure ones to assist. Passwords should contain caps letters, numbers, symbols, and should be at minimum 8 – 10 characters (the more the better). It’s the easy to remember and easy read passwords that get you into trouble.

Armed with this information and so much more on security that can be located on the web using the great and all powerful Google should be a good start to making sure you don’t have to worry about data loss and system hacks. Also remember no matter how secure you think you are make regular backups of all your important data as if you server could crash at any time.

Comments

May 6th, 2009 at 9:28am

Hi James - good post, but I've got a couple of questions

Firewalls
What's your personal (and even Softlayer's "official" position) on Hardware firewalls vs Software firewalls. Yes, the traffic reaches your server (and hence uses up your bandwidth) on the software firewall and if you come under a DoS it'll drive your CPU usage through the roof - but are there any other disadvantages/advantages?

Passwords
As Jeff Atwood has just experienced, you should use a different password for different things ( see http://www.codinghorror.com/blog/archives/001263.html ). However, is it worth considering building support for One Time Passwords into your application (such as the Softlayer Portal)? Or, for less security orientated sites, how about only using OTPs? (I asked the same question a few weeks ago on my own blog at http://blog.rac.me.uk/2009/04/16/techy-token-authentication-instead-of-passwords/ but no responses yet :( ).

Leave a Reply

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • You can enable syntax highlighting of source code with the following tags: <pre>, <blockcode>, <bash>, <c>, <cpp>, <drupal5>, <drupal6>, <java>, <javascript>, <php>, <python>, <ruby>. The supported tag styles are: <foo>, [foo].
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
By submitting this form, you accept the Mollom privacy policy.

Comments

May 6th, 2009 at 9:28am

Hi James - good post, but I've got a couple of questions

Firewalls
What's your personal (and even Softlayer's "official" position) on Hardware firewalls vs Software firewalls. Yes, the traffic reaches your server (and hence uses up your bandwidth) on the software firewall and if you come under a DoS it'll drive your CPU usage through the roof - but are there any other disadvantages/advantages?

Passwords
As Jeff Atwood has just experienced, you should use a different password for different things ( see http://www.codinghorror.com/blog/archives/001263.html ). However, is it worth considering building support for One Time Passwords into your application (such as the Softlayer Portal)? Or, for less security orientated sites, how about only using OTPs? (I asked the same question a few weeks ago on my own blog at http://blog.rac.me.uk/2009/04/16/techy-token-authentication-instead-of-passwords/ but no responses yet :( ).

Leave a Reply

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • You can enable syntax highlighting of source code with the following tags: <pre>, <blockcode>, <bash>, <c>, <cpp>, <drupal5>, <drupal6>, <java>, <javascript>, <php>, <python>, <ruby>. The supported tag styles are: <foo>, [foo].
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
By submitting this form, you accept the Mollom privacy policy.