December 2016

You are currently browsing the monthly archive for December 2016.

Probably the single most important thing you can do to secure your server is to keep it up to date.

This goes whether you are working for a large multinational corporation, or a small business, or even if you are a home user.

This also applies not just to the operating system packages, but to the firmware that lives on the hardware inside your server. Things like your BIOS (now replaced in most cases by EFI), your SATA and SAS controller(s), some backplanes, your hard drives and SSDs, your network card, the storage arrays (both direct attached external arrays and SAN-attached arrays) and and even the switch or router that your server is connected to, or in the case of VMs, the hypervisor those VMs run on.

Continue reading “CentOS Linux Server Hardening in 2016, Patching Intro” »

I’ve been doing quite a bit of research into “hardening” Linux servers lately. Specifically, CentOS servers have been the focus, as I don’t personally have much experience with other distributions.

What one person considers good enough, might be a walking nightmare for another. So with that being said, I’m going to start with basic steps that anyone can do.

Continue reading “CentOS Linux Server Hardening in 2016, Intro” »