WEB General
  • Introduction
  • JWT vs Session
  • Stream & Multipart
  • Digital Ocean - steps
  • Security - SSH/firewall/VPN
  • Security - MongoDB
  • Security - XSS|CSRF
  • MISC
  • STACK = websocket & socketIO
  • STACK = FE Glossary
  • STACK = BE Glossary
  • STACK = Security Glossary
  • websocket
Powered by GitBook
On this page
  • 1. SSH Keys
  • 2. Firewalls
  • VPNs and Private Networking
  • 3. Public Key Infrastructure and SSL/TLS Encryption
  • 4. Service Auditing
  • 5. File Auditing and Intrusion Detection Systems(IDS)
  • 6. Isolated Execution Environments

Was this helpful?

Security - SSH/firewall/VPN

PreviousDigital Ocean - stepsNextSecurity - MongoDB

Last updated 5 years ago

Was this helpful?

1. SSH Keys

  • private key is kept secret and secure by the user

  • public key can be shared with anyone.

  • Password - you can try to get correct one.

  • SSH - have many more bits of data, and it is harder to guess.

2. Firewalls

VPNs and Private Networking

3. Public Key Infrastructure and SSL/TLS Encryption

Prevent man-in-the-middle attacks

4. Service Auditing

discovering what services are running on the servers in your infrastructure.

sudo netstat -plunt

Stay attention to are Proto, Local Address, and PID/Program name.

If the address is 0.0.0.0, then the service is accepting connections on all interfaces.

5. File Auditing and Intrusion Detection Systems(IDS)

File auditing = detect changes to the system that may have been authorized.

IDS monitors a system or network for unauthorized activity.

6. Isolated Execution Environments

Separating your components can limit the access that an intruder has to other pieces of your infrastructure.

https://www.digitalocean.com/community/tutorials/how-to-secure-traffic-between-vps-using-openvpn
https://www.digitalocean.com/community/tutorials/how-to-use-tripwire-to-detect-server-intrusions-on-an-ubuntu-vps
https://www.digitalocean.com/community/tutorials/how-to-install-aide-on-a-digitalocean-vps