search

Security - SSH/firewall/VPN

hashtag
1. SSH Keys

  • private key is kept secret and secure by the user

  • public key can be shared with anyone.

  • Password - you can try to get correct one.

  • SSH - have many more bits of data, and it is harder to guess.

hashtag
2. Firewalls

hashtag
VPNs and Private Networking

https://www.digitalocean.com/community/tutorials/how-to-secure-traffic-between-vps-using-openvpnarrow-up-right

hashtag
3. Public Key Infrastructure and SSL/TLS Encryption

Prevent man-in-the-middle attacks

hashtag
4. Service Auditing

discovering what services are running on the servers in your infrastructure.

Stay attention to are Proto, Local Address, and PID/Program name.

If the address is 0.0.0.0, then the service is accepting connections on all interfaces.

hashtag
5. File Auditing and Intrusion Detection Systems(IDS)

File auditing = detect changes to the system that may have been authorized.

IDS monitors a system or network for unauthorized activity.

https://www.digitalocean.com/community/tutorials/how-to-use-tripwire-to-detect-server-intrusions-on-an-ubuntu-vpsarrow-up-right

https://www.digitalocean.com/community/tutorials/how-to-install-aide-on-a-digitalocean-vpsarrow-up-right

hashtag
6. Isolated Execution Environments

Separating your components can limit the access that an intruder has to other pieces of your infrastructure.

PreviousDigital Ocean - stepsNextSecurity - MongoDB

Last updated