Server security – Process and Precautions

One of the biggest concerns for most server owners and providers is server security. Vulnerabilities and attacks increase on a day-to-day basis, so security flaws have become the biggest headaches and nightmares for server administrators. Even the simplest flaw in a security policy can result in a critical vulnerability in a server. Needless to say, even the biggest players in the hosting industry are putting more money into raising the security level of their organizations.

Having an effective security policy can substantially reduce the number of hack/attack attempts. Attacks will keep increasing as long as the data being secured is more valuable than the effort needed to hack it.

Including the following policies will help minimize the vulnerability of servers:

1. Minimize access to the server.

It is very important to minimize access to the server. Access should be restricted to valid users only. To minimize access, we can have multiple user levels, e.g. pseudo users. We can also change the server port number so that hackers will fail to identify the correct port. It is also recommended to grant access to a server based on IP, so that only valid users from a valid location can access the server.

2. Practice good password habits.

Avoid simple, easy-to-guess passwords, particularly for privileged administrator/root accounts. Include special characters and numbers in your password. DO NOT use simple names, telephone numbers, name123 and the like as passwords. It is recommended to have at least 8 characters in your password, while 16 is highly preferred.

3. Monitor your server logs.

Logs are the footprints of all the actions performed inside a server. Even if an attack has already happened, you can trace the attacker from the access logs of your server. Review your logs regularly for signs of extraordinary behavior.

4. Check programs for security holes.

Make sure that server software is properly updated. Unstable versions of server software will be buggy and will act as a backdoor for the attacker. Always update server software to its latest stable edition, and make sure to apply proper patches regularly.

5. Limit server services.

Undesired server services can themselves act as a platform for an intruder's attack. Misuse of a server service gives the attacker a better option for the attack, and the attacker can use the binary of an undesired service to begin it. Disable undesired services or remove their ownership. Enable only the services the server requires.

6. Differentiate the server’s private and public information.

Do not keep sensitive information on a web server, since it is more exposed to attacks. Publish only the information that is required, not all of it. Always keep private information on an intranet server rather than on an internet server.

7. Enable proper security tools.

Ensure that your server is running security tools such as firewalls, antivirus, port scanners and rootkit scanners. Tighten the firewall as much as you can so that only privileged/desired users can access the server. Make sure that the antivirus definitions are properly updated. It is highly recommended to tune the security audit at least on a weekly basis.
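
The log review in item 3, as an added example that is not part of the original article: it counts failed SSH logins per source address and flags a successful login that follows a burst of failures. The log lines are constructed samples in OpenSSH's syslog format, and the function name `review` and the threshold of 3 are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines in OpenSSH's syslog format (documentation IP ranges).
SAMPLE_LOG = """\
Mar 10 03:12:01 web1 sshd[2211]: Failed password for root from 203.0.113.7 port 51122 ssh2
Mar 10 03:12:03 web1 sshd[2211]: Failed password for invalid user admin from 203.0.113.7 port 51124 ssh2
Mar 10 03:12:05 web1 sshd[2213]: Failed password for root from 203.0.113.7 port 51126 ssh2
Mar 10 03:12:07 web1 sshd[2214]: Failed password for invalid user test from 203.0.113.7 port 51128 ssh2
Mar 10 03:12:09 web1 sshd[2215]: Accepted password for root from 203.0.113.7 port 51130 ssh2
Mar 10 08:30:44 web1 sshd[3120]: Accepted publickey for deploy from 198.51.100.20 port 40022 ssh2
Mar 10 09:01:10 web1 sshd[3301]: Failed password for deploy from 198.51.100.20 port 40100 ssh2
""".splitlines()

EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>\S+) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def review(lines, threshold=3):
    """Return {ip: details} for sources with at least `threshold` failed logins."""
    failures = defaultdict(int)   # ip -> failed attempts seen so far
    users = defaultdict(set)      # ip -> account names that were tried
    login_after = {}              # ip -> account that logged in after the burst
    for line in lines:
        m = EVENT.search(line)
        if not m:
            continue              # not an sshd authentication event
        ip, user = m["ip"], m["user"]
        if m["result"] == "Failed":
            failures[ip] += 1
            users[ip].add(user)
        elif failures[ip] >= threshold:
            # A success right after many failures needs immediate review.
            login_after.setdefault(ip, user)
    return {
        ip: {
            "failed": count,
            "users_tried": sorted(users[ip]),
            "login_after_failures": login_after.get(ip),
        }
        for ip, count in failures.items() if count >= threshold
    }

if __name__ == "__main__":
    for ip, details in review(SAMPLE_LOG).items():
        print(ip, details)
```

A single mistyped password, like the one from 198.51.100.20, stays below the threshold and is not reported.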