TIPS & TRICKS

12 Ways To Secure Your Servers


4. Add security software

An exception to the "keep it simple" tip is installing security software to detect and remove infections. Security software may include anti-virus, anti-rootkit, and anti-spyware filters and scanners, plus a firewall to defeat unauthorized access. It's also a good idea to install intrusion detection and prevention software to guard against denial-of-service attacks and ensure the integrity of your system files.

5. Clean up after installation

When you install multiple applications, you may end up with a number of sample files, scripts, code, and directories: hackers like to hide malware in them -- delete them!

6. Be password smart

The rule of thumb on passwords has long been eight characters. However, utilities can now attempt at least a million possible passwords per second; at that rate, an eight-character lowercase password can be cracked in 59 hours. Using uppercase letters and numbers ups the ante, but hackers will continue to wield more computational power. Though there is no unbreakable password security, you can avoid being an easy target with these measures:

  • Require user passwords to be at least 12 characters long and include uppercase and lowercase letters, numbers, and shift characters (such as @, &, or %).

  • Don't use so-called "dictionary words" as passwords. These include common misspellings, clever misspellings, expletives, slang, digital slang like ROTFL (rolling on the floor laughing), and commonly used foreign words.

  • Do not create a password by adding a number to the end of a previous password; however, adding numbers in the middle of the word is permissible.

  • Don't allow users to recycle previously used passwords.

  • Don't allow passwords that are derived from birthdays, anniversaries, pet names, children's names, or any other publicly available personal information.

  • If your server operating system has a feature requiring password changes after a selected time limit, use it. A common time limit is 42 days.
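The rules above can be enforced at password-change time. The following is an added example, not code from the original article: the function names, the tiny wordlist, and the PBKDF2 parameters are assumptions chosen for illustration, and the "dictionary word" test here only catches a word with digits or symbols attached to its ends.

```python
import hashlib, hmac, os, re

# Constructed sample wordlist (assumption); load a real dictionary in production.
DICTIONARY = {"password", "dragon", "rotfl", "sunshine", "bonjour"}

def hash_pw(password, salt=None):
    """Return (salt, digest) so password history is never kept in plaintext."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def in_history(password, history):
    """True if password matches any (salt, digest) pair in history."""
    return any(hmac.compare_digest(hash_pw(password, s)[1], d) for s, d in history)

def policy_violations(new, current, history, personal_terms):
    """Return the list of rules the new password breaks (empty = accepted)."""
    problems = []
    if len(new) < 12:
        problems.append("shorter than 12 characters")
    classes = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")
    if not all(re.search(c, new) for c in classes):
        problems.append("needs upper, lower, number and shift character")
    # Dictionary word with digits/symbols bolted onto either end.
    core = re.sub(r"^[^A-Za-z]+|[^A-Za-z]+$", "", new).lower()
    if core in DICTIONARY:
        problems.append("dictionary word")
    if new == current or in_history(new, history):
        problems.append("previously used password")
    # Old password plus a trailing number: peel digits off one at a time and
    # compare each stem to the current password and the hashed history.
    stem = new
    while stem and stem[-1].isdigit():
        stem = stem[:-1]
        if stem == current or in_history(stem, history):
            problems.append("previous password with a number appended")
            break
    lowered = new.lower()
    if any(len(t) >= 3 and t.lower() in lowered for t in personal_terms):
        problems.append("contains personal information")
    return problems
```

Because the history holds only salted hashes, the appended-number rule is checked by hashing each candidate stem rather than by comparing stored plaintext.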

7. Quarantine incoming material

To minimize the impact of denial-of-service attacks and other intrusions, place your system files on a separate drive or partition from uploaded files. You can also cap the amount of disk space available to uploaded files and inspect uploads before making them visible to the server's system, to ensure your system is not being used as a cache by hackers. Another alternative is disallowing file uploads entirely.

8. Carefully consider lockouts

Most server operating systems allow you to lock an account after a certain number of unsuccessful log-on attempts within a certain time; for example, three unsuccessful attempts within 30 minutes results in a 30-minute lockout. This can help thwart some attacks. Be aware that some legitimate users will lock themselves out of their own accounts on occasion. In a small organization, this is not usually an issue, but in a larger organization it may burden the support organization with requests for administrators to unlock accounts.
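The lockout rule in the example above (three failures within 30 minutes, 30-minute lockout) can be modeled as a sliding window. This is an added sketch, not code from the original article or from any operating system; the class and method names are hypothetical, timestamps are plain seconds, and clearing the counter on a successful log-on is a design choice of this sketch.

```python
from collections import defaultdict, deque

class LockoutTracker:
    def __init__(self, max_failures=3, window=30 * 60, lockout=30 * 60):
        self.max_failures = max_failures
        self.window = window            # seconds in which failures are counted
        self.lockout = lockout          # seconds an account stays locked
        self.failures = defaultdict(deque)
        self.locked_until = {}

    def is_locked(self, account, now):
        until = self.locked_until.get(account)
        if until is not None and now < until:
            return True
        self.locked_until.pop(account, None)   # lockout expired
        return False

    def record_attempt(self, account, password_ok, now):
        """Return True only if the log-on should be allowed."""
        if self.is_locked(account, now):
            return False                # refused even with the right password
        recent = self.failures[account]
        if password_ok:
            recent.clear()
            return True
        recent.append(now)
        while recent and now - recent[0] >= self.window:
            recent.popleft()            # forget failures older than the window
        if len(recent) >= self.max_failures:
            self.locked_until[account] = now + self.lockout
            recent.clear()
        return False

def replay(events, tracker=None):
    """Feed (account, password_ok, timestamp) tuples; return each outcome."""
    tracker = tracker or LockoutTracker()
    return [tracker.record_attempt(a, ok, t) for a, ok, t in events]

# Constructed sample: three failures in 20 minutes, then a correct password
# during the lockout (refused) and again after it expires (allowed).
SAMPLE = [("alice", False, 0), ("alice", False, 600), ("alice", False, 1200),
          ("alice", True, 1500), ("alice", True, 3000)]
```

The refused attempt at 1500 seconds in the sample is the legitimate-user case that generates the unlock requests mentioned above.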


