본문 바로가기
Dev/Linux

[Linux] How to Secure A Server

by 흰바다제비 2022. 9. 10.
728x90

1. How can a external entity establish connection to your server?
a. TLS | SSL usage for web requests.
b. usage of certificates for internal traffic
* Example ACM - Amazon Certificate Manager.
c. Connection to Remote Hosts from local machine.
- use SSH
- Two ways for SSH connection
1. Password
2. SSH Keys → more secure
- why? Checking SSH keys is more difficult. use self rotating keys to further enhance security.
- → Some goes for any credentials you use on your system.


2. Network firewall
- software or hardware
- It will help to control the traffic - traffic IN or traffic OUT


3. Abstraction out of Resources.
- External entity knows where abouts of only great facing proxy.
- not the hosts serving the request or any database you’re retrieving data from.

4. Resources Creation in VPC
- Not accessible directly from Public Internet

5. Networking Rules
- Any security group configurations. The Inbound and Outbound rules should be strict to allow the required traffic only.

6. Traffic Control
- Rate Limiting of requests per user | IP address.
- Confirm that you’re not a Robot - CAPTCHA

7. Continuous patching of applications.

8. Proper logging and monitoring


Reference

GitHub - msdeep14/getAheadWithMe: Sharing my experiences to help around.

Sharing my experiences to help around. Contribute to msdeep14/getAheadWithMe development by creating an account on GitHub.

github.com


728x90

'Dev > Linux' 카테고리의 다른 글

[Linux] Crontab이 작동하지 않을 때  (0) 2022.09.20
[Linux] SSH connectivity Issues  (0) 2022.09.11
[Linux] Troubleshoot Slow Server  (1) 2022.09.09
[Linux] Kernel  (0) 2022.09.05
[Linux] Network commands - curl, wget  (0) 2022.08.25

댓글