TIPS & TRICKS

12 Ways To Secure Your Servers


9. Use the log

Your server's operating system will probably have a facility to log events. You should use it, especially on servers exposed to the Internet, because the log may offer the first, and sometimes only, evidence of attempted (and successful) intrusions. Logs can also be used as evidence in legal proceedings.

What the log includes, and what you can set it to include, varies by server operating system and configuration. Third-party security software may also generate logs, and these, too, can usually be configured to varying levels of detail. If you find reviewing the logs becomes burdensome, consider configuring them to record less detail or using a third-party log file analyzer.

Just as with your other server system files and data, you should archive your server log files at regular intervals.

Keep in mind that if an intruder has targeted you, they are not likely to come and go in the course of a single day. The attacker may escalate from probes to serious attacks over a period of days or weeks. So it's important to read logs for patterns and trends that extend over more than a single day.

10. Rename default accounts

Your server probably came with two default accounts, named Administrator and Guest. Hackers love these because they're the same from server to server. Though you cannot delete the default accounts -- in most cases -- you can rename them and assign them difficult passwords.

Watch your log closely for attempts to access your renamed Administrator account, as hackers may still be able to find this account. In case a hacker is monitoring keystrokes, the administrator should use the renamed Administrator account only when absolutely necessary. It's also wise to remove all unused accounts and create new accounts only when necessary; accounts of terminated employees should be removed immediately and accounts should never be shared.
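
The multi-day review from tips 9 and 10, as an added Python example that is not part of the original article. It assumes a simplified, constructed log format (real operating system logs need their own parser) and a hypothetical renamed administrator account called `srv-ops-7`.

```python
import re
from collections import defaultdict
from datetime import date

# Constructed sample lines in an assumed, simplified format (not a real OS log).
# "srv-ops-7" is a hypothetical name for the renamed Administrator account.
SAMPLE_LOG = """\
2009-11-02T03:14:07 FAIL user=Administrator src=203.0.113.7
2009-11-02T09:30:11 OK   user=jsmith src=192.0.2.10
2009-11-03T03:10:52 FAIL user=Administrator src=203.0.113.7
2009-11-03T03:10:58 FAIL user=Guest src=203.0.113.7
2009-11-03T14:02:40 FAIL user=jsmith src=192.0.2.10
2009-11-05T02:59:01 FAIL user=Administrator src=203.0.113.7
2009-11-05T02:59:03 FAIL user=admin src=203.0.113.7
2009-11-05T02:59:06 FAIL user=srv-ops-7 src=203.0.113.7
2009-11-05T02:59:09 FAIL user=Guest src=203.0.113.7
""".splitlines()

LINE_RE = re.compile(r"^(\d{4}-\d{2}-\d{2})T\S+\s+(OK|FAIL)\s+user=(\S+)\s+src=(\S+)$")

def failures_by_source(lines):
    """Return {source: {date: failed-logon count}}; malformed lines are skipped."""
    per_source = defaultdict(lambda: defaultdict(int))
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m and m.group(2) == "FAIL":
            per_source[m.group(4)][date.fromisoformat(m.group(1))] += 1
    return per_source

def persistent_sources(lines, min_days=3):
    """Sources that failed logons on at least min_days distinct days."""
    report = {}
    for src, days in failures_by_source(lines).items():
        if len(days) >= min_days:
            counts = [days[d] for d in sorted(days)]  # oldest day first
            report[src] = {"daily_counts": counts, "escalating": counts[-1] > counts[0]}
    return report

def watched_account_failures(lines, watched):
    """Count failed logons per watched account name (case-insensitive)."""
    watched = {w.lower() for w in watched}
    hits = defaultdict(int)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m and m.group(2) == "FAIL" and m.group(3).lower() in watched:
            hits[m.group(3).lower()] += 1
    return dict(hits)
```

A single day's view shows one source with a handful of failures; only the archive across days shows the same source returning and its daily count growing.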

11. Patch early and often

When malware exploits a particular vulnerability in software, the vendor typically rushes to circulate a patch that fixes the problem. But that doesn't put the hackers out of business, because there are always enough unpatched machines to keep them occupied. Don't help them out: be conscientious about installing patches.

When possible, set the operating system and even individual software packages to download patches automatically, but NOT to install until given permission. In a small office, this will give you the opportunity to keep track of what patches have arrived -- it's a good idea to keep a notebook. In larger organizations, it gives the IT staff an opportunity to try out the patch on a test machine -- this is particularly important if the organization relies on software written in-house.

If you are not sure where you stand with patches, most vendors have patching and update sites. Take a moment to review the site for your software:

12. Don't get too comfortable

Digital security is not a one-time project. Rather, it's an ongoing maintenance task and it never gets easier. In the normal course of events, you should be installing patches, studying logs, and responding to alerts. Although this does require time and resources, that's trivial compared to what hackers can do to your business. For instance, a hacker who takes over your Web site could infect all site visitors with key-loggers and expose their banking passwords (yes, that's happened).

Part of being vigilant involves keeping your eye on the weather, so to speak. New threats constantly arise, as quickly as summer storms.
