Server Hardening Strategies

Articles
Staying secure is a full-time gig. It doesn't matter whether we're talking a datacentre or your smartphone, there are always steps to be taken to keep your machines and your data as safe as possible. With the increasing popularity of virtualization for applications and services and the ability for people to "roll your own" cloud comes the need to secure those machines. This becomes increasingly challenging when you consider the fact that by their very nature these machines are constantly exposed to the Internet. ### Minimize Your Attack Surface **Don't install it unless you need it** One of the best things you can do to harden a server environment is to take a minimalistic approach. Don't install components that you think you "might need" somewhere down the road, or things…
Read More

The Problem to Be Solved

Articles
Before working on any new project it's important to have a good grasp on just what ends you are trying to achieve. Accomplished podcaster and all-around good egg [Allison Sherridan](https://twitter.com/podfeet/) of the [Nosillacast](https://podfeet.com/) has a policy for product reviewers on her show: _first, start with the problem to be solved_. Since I believe this is a wise and logical course of action, the second post in the home technology series will do just that. Let me just start with the caveat that I'm going to throw the word **need** around rather loosely for this post. I realize these are toys, for the most part. I could certainly survive without them, but these are toys and tools that I use in my day-to-day life pretty extensively, and a number of my…
Read More

Home Server Build part 4 – Remote Access (Ubuntu School)

Articles
Now that the basic server is set up and ready to go it's time to get started with the good stuff. The first thing on the priority list is making sure we know how to control the server. Being able to control and administer the server remotely is the key to being able to run the server as a [headless](http://en.wikipedia.org/wiki/Headless_system) machine. The key technology of this remote access strategy is [SSH](http://www.openssh.org/). ### SSH - Secure SHell SSH is a key technology common in all [POSIX](http://en.wikipedia.org/wiki/POSIX) operating systems. The program provides command-line terminal access to the remote system over an encrypted connection. SSH has effectively served as a replacement for telnet which provides remote terminal services, but is not encrypted. It is also possible to route traffic from your computer through…
Read More