Presentation is loading. Please wait.

Presentation is loading. Please wait.

Potions of Protection Server Security. What does that do again? Familiarity Differing levels of protection –Low, does not exist –Medium, No private data.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Potions of Protection Server Security. What does that do again? Familiarity Differing levels of protection –Low, does not exist –Medium, No private data."— Presentation transcript:

1 Potions of Protection Server Security

2 What does that do again? Familiarity Differing levels of protection –Low, does not exist –Medium, No private data –High, Server the contain private data that needs extraordinary measures of protection HIPPA, FERPA, Act, Credit Card data, GLB What is a server? –Common share point w/ files, images, web- based services

3 Ingredients for Protection Potions Defense –Firewalls –Host Hardening –Secure Communications –Physical Security Monitoring –Network Monitoring –Host Monitoring Discovery –Forensics

4 Defense! Firewall –3 ways to deploy –Securing Concepts Remote Administration –Linux SSH, nonstandard port –Windows RDP, no connections to/from public internet Ethereal http://www.ethereal.com/http://www.ethereal.com/

5 Defense Host Hardening –Authentication and Account management –Install and Patch OS Update.microsoft.com, http://sunsolve.sun.com/ http://www.redhat.com/apps/support/updates.htmlhttp://sunsolve.sun.com/ http://www.redhat.com/apps/support/updates.html –Install Anti-virus –Do we need that? Netstat –aonbv TcpView http://www.microsoft.com/technet/sysinternals/utilities/tcpview.msap x. http://www.microsoft.com/technet/sysinternals/utilities/tcpview.msap x Netstat -aopl –Access Control –Controlling Services Autorun http://www.microsoft.com/technet/sysinternals/utilities/autoruns.mspx http://www.microsoft.com/technet/sysinternals/utilities/autoruns.mspx  Init and inetd daemons  find /var -iname "*cron*"

6 Services to Disable

7 Services to Review

8 Defense Secure Connections –Encrypt that message! –Disk Encryption

9 Monitoring Network Monitoring –Ethereal, Wireshark –Netstat

10 Monitoring Host Monitoring –File Integrity Checks Afick, Another file Integrity Checker –AIX, Linux, Windows Aide, Advanced Intrusion Detection Environment –Shipped with Fedora 3, 4, 5 –Log Monitoring Logwatch

11 Discovery Forensics –http://www.foundstone.com/us/resources- free-tools.asphttp://www.foundstone.com/us/resources- free-tools.asp

12 Extra Credit Review trusted relationships Review FTP Configurations Avoid running web servers as root and remove all sample scripts Strong Encryption –PGP, SSH, SSL Non-Routed IPS

Download ppt "Potions of Protection Server Security. What does that do again? Familiarity Differing levels of protection –Low, does not exist –Medium, No private data."

Similar presentations

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Host Hardening (March 21, 2011) © Abdou Illia – Spring 2011.

Host Hardening (March 21, 2011) © Abdou Illia – Spring 2011.
System and Network Security Practices COEN 351 E-Commerce Security.

System and Network Security Practices COEN 351 E-Commerce Security.
Chapter 7 HARDENING SERVERS.

Chapter 7 HARDENING SERVERS.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
Data Security Issues in IR Eileen Driscoll Institutional Planning and Research Cornell University

Data Security Issues in IR Eileen Driscoll Institutional Planning and Research Cornell University
Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.

Network Topology. Cisco 2921 Integrated Services Router Security Embedded hardware-accelerated VPN encryption Secure collaborative communications with.
Voyager Server Security and Monitoring Best practices and tools.

Voyager Server Security and Monitoring Best practices and tools.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
WebCCTV 1 Contents Introduction Getting Started Connecting the WebCCTV NVR to a local network Connecting the WebCCTV NVR to the Internet Restoring the.

WebCCTV 1 Contents Introduction Getting Started Connecting the WebCCTV NVR to a local network Connecting the WebCCTV NVR to the Internet Restoring the.
Automating Endpoint Security Policy Enforcement Computing and Networking Services University of Toronto.

Automating Endpoint Security Policy Enforcement Computing and Networking Services University of Toronto.
1 Host – Based Intrusion Detection “Working of Tripwire”

1 Host – Based Intrusion Detection “Working of Tripwire”
1 COP 4343 Unix System Administration Unit 16: file server – samba.

1 COP 4343 Unix System Administration Unit 16: file server – samba.
Course 201 – Administration, Content Inspection and SSL VPN

Course 201 – Administration, Content Inspection and SSL VPN
© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Strategies in Linux Platforms and.

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and.
LINUX Security, Firewalls & Proxies. Course Title Introduction to LINUX Security Models Objectives To understand the concept of system security To understand.

LINUX Security, Firewalls & Proxies. Course Title Introduction to LINUX Security Models Objectives To understand the concept of system security To understand.
1 Infrastructure Hardening. 2 Objectives Why hardening infrastructure is important? Hardening Operating Systems, Network and Applications.

1 Infrastructure Hardening. 2 Objectives Why hardening infrastructure is important? Hardening Operating Systems, Network and Applications.
Configuring a Web Server. Overview Overview of IIS Preparing for an IIS Installation Installing IIS Configuring a Web Site Administering IIS Troubleshooting.

Configuring a Web Server. Overview Overview of IIS Preparing for an IIS Installation Installing IIS Configuring a Web Site Administering IIS Troubleshooting.
Web Server Administration Chapter 10 Securing the Web Environment.

Web Server Administration Chapter 10 Securing the Web Environment.

Similar presentations

Ads by Google