We're a community of 1077K IT Pros here for help, advice, solutions, professional growth and fun. Join us!
1,076,478 Members — Technology Publication meets Social Media
Username:
Password:
Lost login information?
Start New Discussion Reply to this Discussion
Ad: Download FREE Help Desk Software & Helpdesk Tools from Spiceworks
1 Year Ago
0

How Secure Is My Server?

I know this question is extremelly hard to answer without actually checking how I setup my server, but I wondered if anyone could give me a quick rundown and/or information as to how I could check and protect it further.
I am running a Web Hosting Server using old computer components, the server runs Ubuntu 11.10 Server Edition and automatically updates.
I am also running the Linux Firewall and a seperate firewall package. I only allow Ports 22 and 80 to be accessed.
The server is connected via ethernet to my router which also has it's own firewall and again, only allows ports 22 and 80 and when those ports are accessed it points it to the server.

I am running a MySQL database and I have placed various anti-SQL Injection lines into my site to prevent people from infecting the database.


Can anyone else suggest what I can do to further improve security, rate my security and/or tell me what sort of damage they can do if someone got in? When I say this, I primarily mean to other machines on the network as opposed to the server itself.


Thank you

4
Contributors
3
Replies
1 Day
Discussion Span
1 Year Ago
Last Updated
4
Views
Question
Answered
AHarrisGsy
Posting Pro in Training
498 posts since Nov 2011
Reputation Points: 52
Solved Threads: 41
Skill Endorsements: 13
1 Year Ago
0

Hello,

I would try running nmap against your server and take a look at this site for some suggestions on security settings to use.
http://www.tldp.org/HOWTO/Security-HOWTO/

rch1231
Veteran Poster
1,040 posts since Sep 2009
Reputation Points: 142
Solved Threads: 154
Skill Endorsements: 12
1 Year Ago
0

In addition search for "MySQL hardening" to enhance MySQL config and try RatProxy to test your application: http://code.google.com/p/ratproxy/

cereal
Veteran Poster
1,146 posts since Aug 2007
Reputation Points: 344
Solved Threads: 223
Skill Endorsements: 22
1 Year Ago
0

In my experience, your basic configuration at process is solid. However, you need to make sure that your web applications are not susceptible to SQL injection attacks. That is likely your most vulnerable point of system compromise.

rubberman
Posting Maven
2,581 posts since Mar 2010
Reputation Points: 365
Solved Threads: 308
Skill Endorsements: 52
Question Answered as of 1 Year Ago by cereal, rch1231 and rubberman

This question has already been solved: Start a new discussion instead

Post: Markdown Syntax: Formatting Help
 
You
Hardware and Software > Linux and Unix
View similar articles that have also been tagged:
 
© 2013 DaniWeb® LLC
Page rendered in 0.1239 seconds using 2.73MB