Thread: How to secure a server?
View Single Post
  #6 (permalink)  
Old 02-27-2007, 12:20 AM
Tarkin
Guest
  
Posts: n/a
Default Re: How to secure a server?
On Feb 26, 11:01 am, Peter <e...@peter.com> wrote:
> Hi all,
> I'm new to the computer security. Can you show me some starting point of
> securing a server? What i read on most sites about security is that
> updating the system is one of the best pratices. However, i find it quite
> hard to do that on daily basis, especially when you have a server with
> little or zero support such as Fedora 1/2/3 or Win2K. I also heard about
> IDS but most of IDS systems require experiences of the admin to set up a
> good database, which is impossible for beginner like me. How secure is a
> firewall with good policy?
> In case my server was intruded, what is the procedure to stop the attack,
> secure the system and rescue the data?
> If possible, please refer me to sources where i can learn more. I want
> something detailed, not just general guidlines that can be found by google.
>
> Thanks a lot.
>
> --
> Peter - A newbie.

>little or zero support such as Fedora 1/2/3 or Win2K.

Support for Fedora, AFAIK, is provided in forums and
mailing-lists. Have you even tried them (for Fedora)?

As for Win2K....I think you'll have enough of a challenge
just getting it to act reasonably as server. Sure, you can
slap [Apache/Tomcat/Jetty/whatever] on it, but that is
not that particular OS's forte. I am sure there are mailing
lists for that OS, which *are* discoverable via Google, and
who would be better qualified/able/willing to entertain that
question.

>What i read on most sites about security is that
> updating the system is one of the best practices.
> However, i find it quite hard to do that on daily basis,

Then you will find system administration is not your
bag, either. Win2K has 'Windows Update' available
(unless you removed it). Now, unless you're talking
about the pain or rebooting, there is nothing easier
than using Windows Update....with the exception of
the fine GUI administration tools provided by Debian,
Fedora, and literally dozens and dozens of others.
Running from a CLI? AFAIK, the GUI tools are merely
wrappers for CLI package-management tools.

A quick use of Google with the terms
'Fedora 1 2 3 package management security'
should return copious results. As would
'Linux documentation security administration'.

There are literally dozens of 'detailed' system
administration guides. I installed one, on my
Debian box, using the GUI package management tools.

HTH,
Tarkin


Reply With Quote