Archive for the ‘Operating System’ Category

 

How to Recover from a Linux Security Breach – Recovery & Hardening (Part 2)

Tuesday, January 29th, 2013 by

This is Part 2 of a GoGrid security blog series on identifying and recovering from a Linux security breach. Part 1 provided general guidelines for conducting a security analysis on a compromised Linux server and forming strategic teams to address and resolve the breach.

In this article, we’ll review some recommended steps for recovering from a breach.

Recovering from the Breach

Lock the doors

Now that you’ve confirmed that there are no intruders logged in and you’ve identified the established connections, it’s time to “lock the doors.” Locking the doors largely depends on who is managing your firewall. Contact GoGrid in the event that we’re managing your firewall or perform the following actions if you manage your firewall:

  • Modify your system’s iptables configuration to restrict all remote console connections such as SSH to your office network
  • Modify your system’s iptables configuration to block all previously identified suspicious connections from and to your system.
  • Modify your system’s iptables to block all other services from the public Internet to your server. Doing so will effectively bring down your website or services, but you want to avoid compromising your customers or web site visitors.

Install and run a rootkit analyzer

(more…) «How to Recover from a Linux Security Breach – Recovery & Hardening (Part 2)»

How to Recover from a Linux Security Breach – Forensics, Analysis, & Building Teams (Part 1)

Monday, January 28th, 2013 by

This 2-part GoGrid security blog series provides general guidelines for conducting a security analysis on a compromised Linux server and for recovering from a breach. Before you begin the security analysis, you need to consider two important factors:

1. The type of data your compromised server is storing or transmitting,
2. How important the server’s function is to your business

The data type—Personally Identifiable Information (PII) or Protected Health Information (PHI), for example—is important because your organization could be legally required to notify external parties and local or federal government agencies in the event of a breach. The compromised server’s function is important because its criticality may drive the recovery timeline.

You also may want to consider engaging a third-party that specializes in security forensics.

This series will cover 3 important items:

1) Understanding & assessing the breach
2) Setting up forensics & recovery teams
3) Recovering from the breach

Although this series won’t replace what a competent security firm can accomplish, it does provide an overview of some core processes, procedures, and activities you can do to potentially recover from a breach. And because each incident varies based on your computer system, be sure to conduct additional analysis and consult with experts to double-check your breach identification and resolution plan. (more…) «How to Recover from a Linux Security Breach – Forensics, Analysis, & Building Teams (Part 1)»

Windows Server 2012 Now Available in the GoGrid Cloud

Tuesday, January 8th, 2013 by

When we launched our Cloud Infrastructure back in April 2008, one of our core requirements was to not only provide Linux distributions, but also Windows Servers in the cloud. We offered Windows Server 2003 immediately and a few months later added Windows Server 2008 to the mix.

Last month, we added Windows Server 2012 64-bit to round out our robust Windows Server line in the GoGrid cloud.

Windows-Server-2012-GoGrid-collage.fw

We continue to provide Windows Servers in the cloud license-free meaning that you do not pay an additional surcharge on top of your cloud infrastructure costs. The only exceptions to this are for Windows Servers that have Microsoft SQL Server included.

It’s important to note that there is no longer an 8-core limitation on cloud servers. We now provide the same core allocations as we do with our Linux cloud servers, specifically:

  • XX-Large Cloud Servers with 16 GB RAM now come with 16-cores
  • XXX-Large Cloud Servers with 24 GB RAM now come with 24-cores

The number of cores is directly tied to the size of the server: (more…) «Windows Server 2012 Now Available in the GoGrid Cloud»

Security Basics: 4 Steps to Tighten up Linux Security

Tuesday, November 20th, 2012 by

Our previous security articles from GoGrid discussed 5 steps to enhance your security on Microsoft Windows and how to tighten up Windows security. But what about making your Linux server security a bit more robust?

security-camera

Overview

Security studies strongly demonstrate that most systems will be attacked within 5 hours after becoming publicly accessible—in some cases, in less than 2 hours. The sources of the attacks are often unsuspecting users whose systems have been compromised by malware and are in turn being used to attack and infect other systems. The majority of attacks target two common threats:

  1. A combination of commonly used system accounts (e.g., the root account) with weak, dictionary-based passwords
  2. Systems that are missing critical or high-security vulnerabilities

Solution

This article provides GoGrid’s security recommendations for Cloud Servers running Linux. Perform these 4 steps in sequential order immediately after provisioning new GoGrid Cloud Servers to maintain the security (confidentiality + integrity + availability) of your system. (more…) «Security Basics: 4 Steps to Tighten up Linux Security»

How To Tighten Up Windows Security

Thursday, October 25th, 2012 by

In the previous Security article from GoGrid, we outlined 5 Steps to enhance your security on Microsoft Windows. This article walks you through some of these steps.

vault

Step 1: Patch your system

The following steps apply to Microsoft Windows 2008 OS and Microsoft applications:

  1. Select the Start button
  2. Type “windows update” in the search area and press the Enter button.
    windows-update
  3. You should see the following screen:
    updates-available
  4. Select the Check for Updates option, which will connect to Microsoft to determine if your system requires security updates.
    check-for-updates
  5. Install security updates by pressing the Install updates button.
    Note: You may need to reboot your system immediately after you’ve applied the security updates.
    install-updates

Step 2: Rename the administrator account

The following steps apply to Microsoft Windows 2008: (more…) «How To Tighten Up Windows Security»