
Server Security Checklist

Dec 12, 2009   //   by admin   //   Security  //  No Comments

Servers are a critical resource for any organization, as they host a lot of critical data and serve important services, whether on an internal or external network. Therefore, server security is one of the most important jobs that system administrators and security analysts need to look at.

Servers are hacked or compromised for many reasons:

  1. For Data theft
  2. For utilizing the server’s resources in launching some other malicious attacks
  3. Just for Fun

The reason a server gets hacked can be anything, but what matters is that it got HACKED/COMPROMISED, not the reason.

“A stitch in time saves nine” is a phrase which I think is quite suitable in this situation, and maybe you realize the importance of this phrase, which is why you are reading this blog. So let's move on to the steps involved in ensuring basic server security:

1)      Securing Underlying Operating System:

a. Remove or disable unnecessary Services

b. Remove or disable unnecessary Applications.

c. Remove or disable unnecessary Network Protocols.

d. Remove or disable any default accounts/passwords.

e. Configure proper access rights for users as per the requirements.

2)      Securing the Web Server Software

a. Disabling unnecessary services/scripts installed by the software.

b. Configuring proper user rights with the principle of Least Privilege.

c. Removing sample files installed by the software.

3)      Firewall

At least a software firewall should be deployed on the system, with a default-deny rule.

Only those services which need to be served should be kept open, leaving everything else blocked.
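A way to check that only the intended services are reachable, as an added example that is not part of the original post: it parses a constructed sample in the column layout of `ss -tln` and reports listening ports that are bound to a non-loopback address but are not on an allowlist. The allowlist `ALLOWED_PORTS` and the sample rows are assumptions made for the illustration.

```python
import ipaddress

# Constructed sample in the column layout of `ss -tln` (header included).
SAMPLE = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      511    0.0.0.0:80         0.0.0.0:*
LISTEN 0      80     127.0.0.1:3306     0.0.0.0:*
LISTEN 0      5      0.0.0.0:23         0.0.0.0:*
LISTEN 0      128    [::]:22            [::]:*
LISTEN 0      100    [::1]:25           [::]:*
LISTEN 0      64     *:8080             *:*
"""

# Assumption: the services this server is meant to offer.
ALLOWED_PORTS = {22, 80, 443}


def parse_listeners(text):
    """Yield (address, port) for every LISTEN row, skipping the header."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")
        yield addr.strip("[]"), int(port)


def is_loopback(addr):
    """True if the socket is bound to a loopback address only."""
    if addr == "*":  # wildcard bind: reachable on every interface
        return False
    # Drop an interface suffix such as %lo before parsing the address.
    return ipaddress.ip_address(addr.split("%")[0]).is_loopback


def unexpected_listeners(text, allowed=ALLOWED_PORTS):
    """Return sorted externally reachable ports that are not on the allowlist."""
    exposed = {port for addr, port in parse_listeners(text)
               if not is_loopback(addr) and port not in allowed}
    return sorted(exposed)


if __name__ == "__main__":
    print("Ports to close or firewall:", unexpected_listeners(SAMPLE))
```

Each reported port is a candidate either for removing the service behind it (step 1a) or for an explicit deny rule.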

4)      Anti-Virus, Anti-Malware, Anti-Spyware Software:

The system should be equipped with anti-virus software capable of detecting and removing viruses, Trojans, malware and spyware.

The signature engine should be regularly updated.

5)      IPS/IDS:

These can help in detecting attacks being launched, so that measures can be taken to eliminate those attacks.

6)      File Integrity Software:

This can help in protecting critical system files and getting notified if any change occurs in them.

7)      Configuring Logging and Daily Monitoring of Logs:

Logging of critical areas should be enabled, and the logs should be monitored regularly, or rather daily, to check for any unusual activity.

8)      Complex Password Policy:

For any accounts used on the system, a password policy needs to be maintained and followed.

Passwords should be required to be complex, with a minimum of 10 characters combining letters, numbers and special symbols.

9)      Patch Management:

All the software used on the system, along with the operating system, should be updated and patched regularly, as and when updates are available and required.

10)   Backup Management:

A regular backup of all the critical data and system information should be taken and should be available at any point in time.

11)   Vulnerability Testing

After applying all the security practices, it is necessary to verify that what has been deployed is really working as it should. For this, vulnerability testing of the entire server should be done.

This checklist for server security can definitely have a lot more points added, but the steps mentioned can at least assure you of closing a lot of the doors through which your server could get hacked or compromised.

Basic Steps to Secure your Computer

Dec 12, 2009   //   by admin   //   Security  //  No Comments

Getting hacked or compromised can't be eliminated, but the probability can be minimized. This is the main motive of security. The main purpose of this article is to collect the basic steps which, once applied, would ensure that your system doesn’t get hacked or compromised easily.

The steps mentioned here are easy and simple but often neglected, which leaves behind a vulnerable system that invites hackers or attackers.

1) Patch Management:

This is a very simple and quite effective step to ensure the security of your system. Patch management involves regularly updating all the software installed on the system (OS, applications, etc.) as and when updates/patches are available from the respective vendors.

Following this step eliminates a lot of vulnerabilities which otherwise could have been exploited by an attacker/hacker to compromise your system.

2) Install Effective Anti-Virus on the System:

You need to make sure to have an anti-virus installed, with regular updates to its signature database.

There are a lot of anti-virus vendors out there, and comparing them to find the best is out of the scope of this article. Some of the features to look for in an anti-virus would be a wide base of signatures, real-time scanning, regular and timely updates, instant removal of viruses, the ability to restore deleted files, and a heuristic engine.

3) Install Anti-Spyware / Anti-Adware / Anti-Malware:

A lot of these features now come with the anti-virus itself. Still, if yours happens to lack them, don’t forget to install software that is capable of detecting and removing spyware, adware and malware.

4) Trusted Third-Party Software Installation:

Users are often tricked into downloading software which they don’t really know but which appears fascinating enough to make them install it on their system. A lot of the time, this kind of software from unknown sources leaves behind Trojans or backdoors, or may itself be a virus, causing the system to be compromised/hacked. So, install software only from trusted sources; otherwise, just forget about it.

5) Strong Passwords:

Having a strong password always helps you stay on the safer side. This is often neglected because of laziness on one’s part. So, always have passwords with combinations of numbers, characters and special symbols like * or #.

6) Presence of Mind:

I have gone through a lot of articles on security but never came across this point, which according to me is the cause of all the negligence involved in the other parameters mentioned above. You have to be quite alert to realize what’s going on in the system or what it is that you have downloaded. Rather than blindly clicking things and then realizing it's too late, be alert beforehand.

These are very simple and basic steps which do not require you to be a computer expert. If you follow them, you will find yourself in quite a safe corner.

If you have anything to add to this, let me know so that I can add it to this list, as we are here to make this networked world a safe place to be part of.