Skip to main content

#LearnedIT: IT Security Foundations - Protecting Our Server


Hi again, same course, different submenu.

Let's play a game -  Based Upon the Menu, How Much Do I Remember? I did take Sever 2008/12 during my time in college and found it one of the more fun aspects!

Hardening the Server -
Put it behind a correctly-configured firewall if it's facing the internet. Correctly configured means the proper rules are established regarding access (think 'allow tcp any any') , and ports on the server should be closed if they're not being used unless, again, it's properly configured. Use ACLs to allow one computer located in an area you know is safe and has limited web access to configure the server. 

Run auditing, and don't give any one person more permissions than they need. Principal of least privilege! 

Train your users.

Lisa Bock, our author,  doesn't get as deep as I do, but helpfully reminds us that the physical server should be in a secure, monitored environment to ward off intruders and also overly cool or hot (or humid) weather conditions.

So, how servers survive in Florida is beyond me.




Essential file services (Sharing, web, database) should be on different servers.
Applications shouldn't have direct access to a server, and should go through a proxy - and of course, clear it with us, your Network Administrator, before installing or using any applications.

All in all - I grade myself a fair. Could be better. But that's why we're here. Learning!


Next is Hardening - Updates and Patches -
If you can, test patches and updates in an test environment. See how long it might take, if it disables or modifies any important features for your server. Disable nonessential applications and services, have anti-virus, and don't randomly install freeware. Turn off automatic updates, especially if they come from Microsoft.

What does Lisa say now? Mostly what I said! Whoo! Including;


  • Conduct risk assessments.
  • Also, remember use long and complex passwords.
  • Check for Service Packs.


Third - Protocol Good Practices.
All I have is encrypt things.

Sure enough the first point is 'Use HTTPS'.


  • Secure Shell with Telnet or PutTTY, which I have used!
  • Utilize Network Time Protocol
  • Find a type of software that can encrypt FTP transfers. 

This is a URL you can use to access your file server (not secure)! The layout looks really different than in the 90's, I remember a bunch of hyperlinks in courier.

She tells us how the turn off Telnet capabilities, and it's at this point where I paused and went to my Windows 10 Machine to check, and happily, I had already turned it off.



Our final task? The Microsoft Baseline Security Analyzer -
It identifies security issues and makes sure all patches and updates are in place.


Comments

Popular posts from this blog

The Updated "What I'm Looking For In A Role" Post (2020)

Thank you for wanting to help with my job search! Here are some parameters.


Ideal:
Part time remote, text based support [Example Description]. It's a little far fetched, but the positions do exist. I enjoy having the flexibility to take on temporary projects from time to time!
Also; If anything sounds weird, out there, or unusual - Feel free to e-mail me. Doesn't have to be tech related. I just have to find it interesting and flexible.


Looking For This Type of Work:
Simplified writing about tech. [Example Job Description] You want to pay me to write more of *waves hand* this blog? I am game.
IT SupportUX Auditing [See Here]eCommerce merchandising [See Here]Email Marketing Specialist [Example Job Description]  ProofreadingThe following is what I was trained in. Roles will be considered, and I am looking to pivot to the above. Still part-time, contract, and/or temporary
Azure
Cisco routing and switching technician

Volunteering:
Find me on Jumpstart and CareerVillage.

Location:
Remote is…

Azure Networking Options - Core Cloud Services

I have done a lot of AWS things on here. Time to give Azure some attention. After all, since employers don't think Cisco or COMPTIA certifications are important, maybe Microsoft ones are?

First, let's really think about why these are the two biggest cloud services providers in the world:

They've been doing internet things for a long time.Amazon launched in 1995, a virtual bookstore.
Microsoft, well, you know. 

They've lived, breathed, and frankly, created, infrastructure that we use today, that they're selling to us today. Of course the Store of Everything and the Company of Everything would encourage us to put everything in their hands.

Also: Azure has a lot less silly names for modules. Important. I appreciate straightforwardness.


I said 'a lot less', not '100% sensible names'

Microsoft has a clear set of Azure Fundamentals that anyone can interact with. Let's talk about networking basics, basically to say, again, "Hi, employers, I have an …

Grace Hopper Celebration 2019 (GHC19)

From Aicha Evans' speech at the Keynote.
September 6th - I receive an email from Anita B Organization, saying "We read your application, we like your website, and here's a free ticket to GHC 2019 in Orlando, Florida!"


After a few more questions, it seemed everything was on the up and up, and so I accepted - and that's what this post is about!

For those who don't know, Grace Hopper Celebration is the largest gathering of Women in Technology in the world.

On a personal note, This is the first trip I've taken without my parents. Sure, they've left me behind to go on vacations, but I've never left them. I was totally worried! But you know what happened?

I met a lot of cool people in Orlando, learned a lot of neat things, and had a blast just walking around airports for upwards of 8 hours.

New Delta Sky Club on Wikimedia I really, really love airports! And I survived.

I know in the past, I've wormed my way out of jobs despite being interested simpl…