A Brief Talk on Cybersecurity Awareness - Fresh Sweet IT.Net

JarryJarry has recently posted fewer articles, and the quality seems to have declined. This is actually what I want the least. But recently, work has been too busy and important, such as the unification and upgrade of the telephone networks for the three cities of Changsha, Zhuzhou, and Tanxiang. So, I can only calmly get through this period.

Recently, things have not been peaceful. Yesterday, the backbone network of Guangdong had issues again. This will probably be another large-scale impactful event after the "BaoFeng Gate". Hopefully, it's not caused by a hacker attack.

This leads me to discuss considerations regarding cybersecurity awareness.

Let’s take a Windows system Web server as an example.

Firstly, to make a server into a WebServer, you need an operating system. We install Windows Server 2003, and the first issue arises - basic system security settings, applying patches, virus defense, and network security settings. Just these already involve many elements.

Then, in order to run HTTP services, we install IIS and database services. Place the website scripts, import the database, and start it up. Now, the problems become more complex. To ensure the server has a relatively high security level, more work needs to be done, all of which are interconnected. You need to address IIS security settings, disk directory and file permissions, database security, database account permissions, system account security, system service security, website script security, IP strategies, etc.

Secondly, to manage the server remotely, the remote desktop provides a convenient function. However, it also becomes a potential security risk. Thus, we can enhance remote management security through various restrictions, such as configuring a VPN to access the remote desktop port, etc.

Finally, to further improve server security, hardware firewalls or other devices can be added to the server. Firewall policies should be set according to service requirements...

By now, we cannot count how many security factors there are for a WebServer with a relatively high security level. These factors form a circular protective barrier, logically embracing and protecting the services. You can imagine that if one link fails, won't this circle be torn open? Won't external attacks come in through this opening? Even worse, once one opening is breached, it may expand and spread to multiple factors, making the opening larger and larger, until eventually anyone can come in? The server then becomes a real "meat chicken" (a compromised server).

This process can also be described by the bucket effect. The bucket effect refers to a bucket needing every plank to be evenly aligned and undamaged to hold water. If one plank is uneven or has a hole, the bucket cannot hold water. It means that how much water a bucket can hold does not depend on the longest plank but on the shortest plank.

However, forming this circular protective barrier is very necessary. To create this rigorous barrier, continuous hard work is required, and frequent repairs and maintenance are indispensable. Jarry has a theory: For a server, any operation you perform may affect its security.

Whether during the deployment of the server or during subsequent security maintenance, the most important and guiding factor for security personnel is the security awareness mentioned in this article. With this awareness, it can continuously drive you to pay attention to everything related to the security of this server, thereby making the most correct adjustments to the security strategy.

Technorati Tags: Network, Server, Security, Awareness