02-27-2007, 03:41 PM
Peter
Re: How to secure a server?

I want to say sorry in advance in case my reply appears to be a top post.
I'm still not used to KNode.

> A good starting point is a degree in computer science and about 5 years
> field experience setting up and managing systems.


Yes, I have a degree in computer science. But I have no experience in
managing a large system.

>
> Go read a few books, mosey over to Sans.org/cert.org and read some of
> their free whitepapers. Check out Brainbench for cheap/free exams (no point
> in reading the books unless you can prove you understand them). There's a
> lot of introductory level stuff on wikipedia - but be wary of the value of
> information published there. Another good site is www.securityfocus.com


Thanks for your advice. I can understand those papers to a certain extent.

>
> You'll get lots of opinions on Usenet, and occasionally some good advice;
> If you had supplied about 100 words on what it is you are trying to secure
> then you might have got some specific advice here. Are you ready to
> understand it?


That's the reason I'm asking for advice here :)

What I'm trying to secure here is a Darwin server (I'm really amazed that
there is someone running a Mac machine as a server). It has Tomcat as an
application server. The Tomcat server is rather old. I considered updating
it. However, upgrading Tomcat to the newest one, 6.x, will require
modifying the web application running on it. Even an application compatible
with 5.5 also needs modifying. The worst thing is that when I took over the
administration, there was little documentation of the system. In the end, I
have to give up the idea. One of my biggest concerns is how to prevent a DoS
attack and a leak of users' information as the company intends to create a
community website.


>> In case my server was intruded, what is the procedure to stop the attack,
>> secure the system and rescue the data?

>
> Is this a troll? If not, it's time to call Ghostbusters :(
>
> C.


No, I'm serious. You cannot assume a system is 100% secure. You may make a
mistake somewhere. I read about some hacker techniques to gain root access and
remove their traces. It may be silly but I want to know how to detect
anomalies and stop an attack.


