As the administrator of your own server, one of your most important duties is server security, and it is important to understand the responsibility that comes with it. Once a web server is connected to the Internet, from a security standpoint it is in a war zone. An internal server is not as big a security problem in itself, but there are still a few things you should take care of on your system: you need to deal with malicious users and disgruntled employees.
Passwords:
A very common password, such as your name or a family member's name, does not provide enough security. It is advisable to use passwords consisting of both numerical and alphabetical characters. Passwords should be complicated enough to be hard for an outsider to crack.
File transfer and remote login:
If you are thinking about transferring files to and from your system, shut the FTP daemon (FTPd) down. SCP does the same job in a much more secure way. A quick check of the man page for SCP gives:
“scp copies files between hosts on a network. It uses SSH for data transfer, and uses the same authentication and provides the same security as ssh. Unlike rcp, scp will ask for passwords or pass phrases if they are needed for authentication.”
Checking the logs:
The logs on your system should be periodically checked. All the vital things about the current status of your system can be seen from the logs. While manually checking all the files takes some time, and time is precious, there are a few tools that help you automate the process of checking your system logs.
System security:
One of the most important things you can do to protect the server is to implement very basic access control. Access control can eliminate the risk associated with running out-of-date services on the Internet. To implement an effective access control policy on your dedicated server, you need the IP address or addresses of your Internet connection.
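
An added example, not part of the original article, that ties the log-checking and access-control points together: it scans sshd log lines and reports logins accepted from outside an IP allowlist, plus outside sources with repeated failed logins. The allowlist ranges, the sample log lines and the function names are assumptions constructed for this illustration.

```python
import ipaddress
import re
from collections import Counter

# Assumed allowlist: the administrator's own Internet addresses
# (documentation ranges used as placeholders).
ALLOWED_NETWORKS = [ipaddress.ip_network(n)
                    for n in ("198.51.100.0/28", "2001:db8:10::/64")]

# Constructed sample lines in the OpenSSH sshd syslog format.
SAMPLE_LOG = """\
Mar  3 09:12:01 web1 sshd[2211]: Accepted publickey for deploy from 198.51.100.7 port 50412 ssh2
Mar  3 09:13:10 web1 sshd[2230]: Failed password for deploy from 198.51.100.3 port 50990 ssh2
Mar  3 09:14:37 web1 sshd[2240]: Failed password for invalid user admin from 203.0.113.45 port 39122 ssh2
Mar  3 09:14:41 web1 sshd[2240]: Failed password for invalid user admin from 203.0.113.45 port 39122 ssh2
Mar  3 09:14:46 web1 sshd[2243]: Failed password for root from 203.0.113.45 port 39140 ssh2
Mar  3 09:20:02 web1 sshd[2301]: Failed password for root from 192.0.2.9 port 41001 ssh2
Mar  3 10:02:55 web1 sshd[2410]: Accepted password for backup from 203.0.113.200 port 60222 ssh2
"""

EVENT = re.compile(r"sshd\[\d+\]: (Accepted|Failed) \S+ for "
                   r"(?:invalid user )?(\S+) from (\S+) port \d+")


def is_allowed(addr):
    """True if addr parses as an IP inside one of the allowlisted networks."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False  # unparsable source: treat as untrusted
    return any(ip in net for net in ALLOWED_NETWORKS)


def audit(log_text, fail_threshold=3):
    """Return (logins accepted from outside the allowlist, noisy failing IPs)."""
    outside, failures = [], Counter()
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if not m or is_allowed(m.group(3)):
            continue  # not an auth event, or it came from an admin address
        outcome, user, src = m.groups()
        if outcome == "Accepted":
            outside.append((user, src))
        else:
            failures[src] += 1
    noisy = sorted(ip for ip, n in failures.items() if n >= fail_threshold)
    return outside, noisy
```

Calling `audit(SAMPLE_LOG)` on the constructed lines flags the `backup` login from outside the allowlist and the one source with three failed attempts.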