Data Protection & Securing Your Server From Hackers
Running your own server can be a tireless effort in keeping it safe and secure from hackers. While cybersecurity does require constant vigilance, it can become an easy routine once you know some useful procedures for defending your server from attack.
In this article, we will go over some methods you can start implementing in your server security routine, to enhance your server’s protection as soon as possible.
Hide all information on your server software versions
If hackers can identify the software version your server is running, they can use that information to exploit any known security flaws and weaknesses in that version. You’ll have to look up specific steps for your particular software and distro, but some common software and services you’ll want to check for this are:
Mail servers: Various mail servers can communicate their version in banners, which are sent after establishing a connection via SMPT, IMAP, and POP3, as a form of security handshake. It’s known as banner grab attacks.
Web servers: Analyze your server’s HTTP headers whether you use Apache, NGINX, Microsoft IIS, or anything else.
- SSH: OpenSSH communicates the OS version by default.
- File servers: Your FTP, SFTP, WebDav, and other file servers could be communicating their version info in greetings during the connection stage, pre-authentication.
- Web languages: Frameworks for PHP, Java, .NET, and other web languages can sometimes include HTTP headers with version info, such as “Powered by x”.
Consider virtualizing your SQL environment
SQL Server virtualization was once considered too resource-intensive to be practical in everyday usage, but times have changed as server hardware has significantly increased in power in the past few years. Some good practices to remember are to always try and use SLAT-compatible hardware, and to monitor server performance using a performance monitor tool like SentryOne.
Install only absolutely necessary software
If your server has a lot of services, plugins, and software installed, you have a fairly wide attack vector. Your server absolutely needs to be debloated, with only the most critical tools and software you need to be installed.
You should also make it a point of checking the dependencies for software, as this can lead to bloating by installing additional software. You should try to obtain software with the least amount of dependencies possible.
Secure against brute force attacks
Instead of allowing logins via password, consider SSH key authentication. SSH keys are several lines long of characters, numbers, and symbols, which are pretty much impossible to brute-force the keys themselves. However, there are other exploits that can be leveraged against SSH keys, such as tools for cracking weak SSH key passphrases to recover your SSH key. Still, it’s a much stronger form of security than regular passwords in many cases.
Other things to do are imposing limits on the authentication rate so that automated password and key checking is significantly slowed down, and automatically blocking IP addresses with a failed login rate.
Additionally, you should close as many network ports as possible while filtering the ones that cannot be blocked. Your firewall configuration should have a blocking policy by default, and you should filter open ports by only allowing traffic based on where you actually expect it to come from (IP address, location, etc.).
Regularly update your software
Many hacking attempts nowadays are either assisted or entirely performed by bot tools, which scan your network for critical exploits and entry points. You can mitigate a lot of potential risks by keeping your software updated, not just security patches for your operating system but any packages and dependencies as well.
You should also regularly check your server logs for signs of trouble, such as errors or strange events.
This is just a shortlist of immediate steps you can take to secure your server against hackers, but there are a lot more in-depth strategies you can adopt as you delve deeper into cybersecurity. If you’re running a server in your own home, you may also want to consider protecting yourself against data and identity theft.