Server Hardening, What is it really?
Server hardening is often misunderstood as a one-off process to tighten the security of a server before it goes live on the Internet. This is only partially correct. Sure, you want to tighten the security of your server before putting it on a public network, but it’s not enough to put it in and forget about it. The idea behind server hardening is to secure the machine not only before it goes live, but permanently.
We have seen “Server Hardening Guides”, “Security Checklists” and “Hardening Protocols” around the Internet, all of which seem to be one-off documents: you follow the checklist, ticking off the boxes and completing the required steps. Once all the steps have been completed, you email the completed checklist to the boss stating that the machine is now secure, and that’s the end of that.
This is actually good practice as an initial process, but what happens in the future when someone creates a utility that can breach the security of your hosted server? Or someone finds that you’re running an out-of-date software application that can be exploited? The sad fact about the Internet is that if a server can be compromised, you’re pretty much guaranteed that it will be, in time.
The idea behind server hardening is to make your machine secure and keep it as secure and up to date as possible.
What steps can you take? The main ones are: keep your software up to date (most software developers release fixes, updates or patches that rectify discovered flaws or exploits); remove unused usernames and logins from your servers; disable SSH access with the root account; make sure you are behind a firewall; use a data integrity / change detection tool like Tripwire; and, most importantly, take backups, lots of backups. Regularly auditing your servers for software updates is also a good habit to get into. Another good habit is keeping documentation on your hosted servers, so you can see what versions of software you have installed, when patches or updates were installed, who performed the work, and so on.
Did we mention backups? Regularly checked backups are very important, especially when the data on your server is critical.
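As an added example (not part of the original post), the script below turns two of the steps listed above, disabling root SSH login and removing unused logins, into an audit that can be run on a schedule instead of being ticked off once. The function names, the documented-accounts file and the sample data are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: recurring audit of SSH root login and login-capable accounts.
# On a live host, `sshd -T` prints the effective sshd settings; this parser is
# a simplification that ignores Include files and stops at the first Match block.

# Effective global PermitRootLogin: sshd keeps the first value it reads.
root_login_setting() {
    awk '
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == "permitrootlogin" { print tolower($2); found = 1; exit }
        END { if (!found) print "prohibit-password" }  # OpenSSH default
    ' "$1"
}

# Accounts in a passwd-format file whose shell permits login.
# An empty shell field means /bin/sh, so it counts as login-capable.
login_accounts() {
    awk -F: '/^#/ || NF < 7 { next } $7 !~ /\/(nologin|false)$/ { print $1 }' "$1"
}

# Login-capable accounts missing from the documented list (one name per line).
undocumented_accounts() {
    login_accounts "$1" | grep -vxF -f "$2" || true
}

# Print findings; return 1 if any, so a scheduled run can alert on it.
audit() {
    rc=0
    setting=$(root_login_setting "$1")
    if [ "$setting" != "no" ]; then
        echo "FINDING: PermitRootLogin is '$setting', expected 'no'"; rc=1
    fi
    for user in $(undocumented_accounts "$2" "$3"); do
        echo "FINDING: undocumented login account '$user'"; rc=1
    done
    return $rc
}

# Constructed sample input (not taken from any real server).
demo=$(mktemp -d); trap 'rm -rf "$demo"' EXIT
printf '%s\n' 'Port 22' '#PermitRootLogin no' \
    'PermitRootLogin yes' 'PermitRootLogin no' > "$demo/sshd_config"
printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
    'daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin' \
    'alice:x:1000:1000::/home/alice:/bin/bash' \
    'olduser:x:1001:1001::/home/olduser:/bin/sh' > "$demo/passwd"
printf '%s\n' root alice > "$demo/documented"
audit "$demo/sshd_config" "$demo/passwd" "$demo/documented" || echo "audit: see findings"
```

On a real server the three arguments would be /etc/ssh/sshd_config, /etc/passwd and the account list kept in your server documentation.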
