DistributedNetworks DistributedNetworks

Securing Resources   «Prev  Next»
Lesson 2 Securing resources and services
Objective Coordinate permissions, services and settings to protect services.

Securing Resources and Services

Securing each resource and service is key to implementing an effective security system. This step involves some or all of the following actions:
  1. Changing server and system defaults
  2. Removing extraneous services
  3. Constantly monitoring public connections (VPNs, modem banks, and Web and FTP servers)
  4. Ensuring physical security
  5. Locking down registry keys and password file

Coordinating methods and techniques

One of the more important concepts in securing resources is the ability to coordinate methods and techniques so that if a hacker defeats one method, your system can counter with another. As you coordinate services, address each one separately and change the default settings. Network security systems should not depend upon only one type of security such as authentication, encryption, or auditing.

Hard disk configuration

Configure your hard disk for optimum security. Typically, a hard disk is configured so that
  1. One partition can be used for the operating system only
  2. Another hard disk can be used for the services or daemons running on the server
  3. A third partition or disk can be used only for data storage
To learn more about combining security techniques click on Securing Info.

Increase Security

Increase security by restricting access to only the resources needed by each service, dividing them by resource and then restricting them to the minimum access needed to do the job. For example, if a server acts as both a Web server and an FTP server, create two special accounts, one to be used by the FTP service to access resources through the operating system and the other to be used by the Web server.