[TriLUG] Server Maintenance
Hite, Danny
Danny.Hite at per-se.com
Fri Aug 1 13:34:02 EDT 2003
> You could read several good books on the subject. This is far too
> broad a subject to get a quick answer to on a mailing list.
Agreed. There is no way to get all of the info from a mailing list. I merely
wanted to get some quick tips and a starting point. I have used many
different flavors of Linux in the past. It has always been a install,
tinker, break it, reinstall it type scenario. Now it counts and I want to do
it right. So logically I would first consult with...ummm...let me
think...TRiLUG!
> For free software, check out AMANDA. For commercially supported
> software, check out BRU.
This will fall in line with NetBackup below I hope. My reason for asking
this was due to the fact that Server 1 is in a DMZ/SSN. I don't want to open
anything (ports) from DMZ to internal if I can avoid it.
Also John mentions:
> > > You mention you already have NetBackup in house, NBU clients work well
> > > on linux, and as long as you are running version 4.5 FP3, have very
> > > few limitations that I know of. If you have already worked with NBU,
> > > you should have no problem installing and getting it running in no
> > > time.
No dice here as I am stuck with 3.4.1 of NBU.
> Simply patching your system is a good start, and for that I recommend
> that you install apt-get or yum on your machine and use those tools to
> update your system regularly. Both of these tools are fairly automatic.
This is sound advice that I have been doing on a somewhat regular basis.
Automation + reporting can be a good thing though(sometimes).
> Security is a process, though, and patching alone is not enough.
> Again, entire books have been written on this subject and it is too
> broad a subject to address quickly on a mailing list.
My initial thought was that the DMZ/SSN would isolate it enough, but Jon
mentions:
> > > You should be running a firewall on the box, and blocking all
> > > in/outbound ports that are not currently used by the server. Also, if
> > > you are extra paranoid, you should look at running Tripwire
> > > (an intrusion detection tool).
How far should I take this in a DMZ/SSN part of my network with only 1 port
being forwarded inbound?
> There are some programs that claim to do this, but in the end I've
> found I prefer to just page through my logs once or twice per day,
> skimming through and looking for things that stand out. Doing that in
> combination with one of the automated log analysis tools would be a
> good idea to consider.
> What you're asking for is a book on Linux administration. There are
> many good ones out there between $35 to $60 in price. Or you could
> take a few weeks of training for 100x that price. Of course going the
> other direction there are many good documents out there for free (see
> the Linux Documentation Project, as well as the great docs that came
> with those Red Hat CD's).
A book purchase is in my near future for sure.
> You'll save yourself a lot of reading time if you switch your MTA from
> Sendmail to Postfix. Did you happen to catch the Postfix classes that
> TriLUG hosted recently?
Interesting, so Postfix is much more...what? Faster, Reliable, Ease of
Setup, etc...???
> Wow you have some deep pockets. You'll have no problems affording
> those books. Or a consultant to handhold you through this transition
> (*wink*)
Yes, we had deep pockets about 2 years ago, but now I am having to
(Thankfully *grin*) consider open source solutions for future projects due
to budget restrictions.
More information about the TriLUG
mailing list