Potions of Protection: Server Security
What does that do again?
  • Familiarity
  • Differing levels of protection
    • Low, does not exist
    • Medium, no private data
    • High, servers that contain private data that needs extraordinary measures of protection
      • HIPAA, FERPA, Act, Credit Card data, GLB
  • What is a server?
    • Common share point w/ files, images, web-based services
Ingredients for Protection Potions
  • Defense
    • Firewalls
    • Host Hardening
    • Secure Communications
    • Physical Security
  • Monitoring
    • Network Monitoring
    • Host Monitoring
  • Discovery
    • Forensics
Defense! Defense!
  • Firewall
    • 3 ways to deploy
    • Securing Concepts
  • Remote Administration
    • Linux SSH, nonstandard port
    • Windows RDP, no connections to/from public internet
  • Ethereal http://www.ethereal.com/
Defense
  • Host Hardening
    • Authentication and Account management
    • Install and Patch OS
      • Update.microsoft.com
      • http://sunsolve.sun.com/
      • http://www.redhat.com/apps/support/updates.html
    • Install Anti-virus
    • Do we need that?
      • netstat -aonbv
      • TcpView http://www.microsoft.com/technet/sysinternals/utilities/tcpview.msapx
      • netstat -aopl
    • Access Control
    • Controlling Services
      • Autoruns http://www.microsoft.com/technet/sysinternals/utilities/autoruns.mspx
      • Init and inetd daemons
      • find /var -iname "*cron*"
Defense
  • Secure Connections
    • Encrypt that message!
    • Disk Encryption
Monitoring
  • Network Monitoring
    • Ethereal, Wireshark
    • Netstat
Monitoring
  • Host Monitoring
    • File Integrity Checks
      • Afick, Another File Integrity Checker
        • AIX, Linux, Windows
      • Aide, Advanced Intrusion Detection Environment
        • Shipped with Fedora 3, 4, 5
    • Log Monitoring
      • Logwatch
Discovery
  • Forensics
    • http://www.foundstone.com/us/resources-free-tools.asp
Extra Credit
  • Review trusted relationships
  • Review FTP Configurations
  • Avoid running web servers as root and remove all sample scripts
  • Strong Encryption
    • PGP, SSH, SSL
  • Non-Routed IPS