[GLLUG] Server

[Clay Dowling]

On Sun, 7 Jun 2009, user at qtm.net wrote:

> Hi All,
> What makes a secure server?
> Phil

Phil,

Bring your questions to the next meeting at Jeff's house, and we can 
probably help you out.  Although that meeting will be even more about 
socializing and food than normal.

In general: software is up to date, and has been thoroughly audited for 
security holes.  Unnecessary services are turned off.  Necessary services 
run with the minimal services necessary, and seek to shed privleges as 
soon as possible.

If you really want to go all the way into security for the paranoid, start 
learning about OpenBSD and their philosophy towards security.  While I do 
recommend their OS for setting up a secure server, it's their approach to 
creating a secure OS that is important to understand.  The core developers 
are paranoid.  They aren't paranoid delusionals, there really are people 
out to get them.  So they have established a set of best-practices for 
keeping badlife out of their machines.

Clay