
    Some thoughts about Security

    • A
      Alex Sage
      last edited by scottalanmiller

      How do we know when we are being overly concerned with security?

      For example, I have about 25 different Linux servers at home. Each of them has a randomly generated 25-character password (with UPPERCASE, lowercase, numbers and special characters). Root is disabled over SSH. Firewall is enabled, and only needed ports are open - some even have SSH blocked so you have to have console access.

      In addition to all this, I also have an Edge Router X router. I only forward ports when needed, and I review at least once a week.

      If we assume the Edge Router X is secure and working correctly, isn't all this other security pointless and just adding complexity?


      • gjacobseG
        gjacobse
        last edited by

        No, I don't believe so. I am not great on security, but the more layers you have, the better you are. Yes, it is a hassle, but if it protects you, then you are doing right.

        Going along the lines of something @scottalanmiller said, how much is your data worth... to YOU. If it is worth something, then it is worth that level of effort.

        Sadly, as with anything, virtual or physical, if someone wants it bad enough all you can do is slow them down. I can secure a hard drive in an airtight container, encapsulate it in 4 inches of steel, 200 inches of concrete, then drop it in the deepest part of the ocean. If someone thinks it has value, they will try to retrieve it.

        • A
          Alex Sage @gjacobse
          last edited by Alex Sage

          @gjacobse said:

          I can secure a hard drive in an airtight container, encapsulate it in 4 inches of steel, 200 inches of concrete, then drop it in the deepest part of the ocean. If someone thinks it has value, they will try to retrieve it.

          The funny thing is someone would think that it has value, because of all the work you put into protecting it 🙂

          I guess that's my point here. This is my home server, it's not like I am protecting company information. How far is too far?

          • BRRABillB
            BRRABill @Alex Sage
            last edited by

            @anonymous said:

            I guess that's my point here. This is my home server, it's not like I am protecting company information. How far is too far?

            You have 25 servers for home?

            • G
              GlennBarley
              last edited by

              I'm not sure there is ever "too much security." The more secure your systems are, the better.

              • A
                Alex Sage @BRRABill
                last edited by

                @BRRABill said:

                You have 25 servers for home?

                25 VMs on one host 😉

                • BRRABillB
                  BRRABill @Alex Sage
                  last edited by

                  @anonymous said:

                  @BRRABill said:

                  You have 25 servers for home?

                  25 VMs on one host 😉

                  You have 25 VMs for home? 😉

                  • A
                    Alex Sage @BRRABill
                    last edited by Alex Sage

                    @BRRABill Yes 🙂

                    • DashrenderD
                      Dashrender @Alex Sage
                      last edited by

                      @anonymous said:

                      The funny thing is someone would think that it has value, because of all the work you put into protecting it 🙂

                      While some people might think that because of your extreme protections it has value, the reality is that most hackers won't bother - they will move on to easier targets.

                      Those who would be willing to go to nearly any length are probably doing so because they know its value, and that value is greater than the cost of them getting the data.

                      • scottalanmillerS
                        scottalanmiller @gjacobse
                        last edited by

                        @gjacobse said:

                        Going along the lines of something @scottalanmiller said, how much is your data worth... to YOU. If it is worth something, then it is worth that level of effort.

                        Actually the guideline is "how much is it worth to someone else" and you need to make it cost more to hack than it is worth for them to have hacked.

                        • DashrenderD
                          Dashrender @BRRABill
                          last edited by

                          @BRRABill said:

                          @anonymous said:

                          @BRRABill said:

                          You have 25 servers for home?

                          25 VMs on one host 😉

                          You have 25 VMs for home? 😉

                          That's not really an issue - he could have tons of gaming VMs, like Scott now has a Minecraft PE gaming VM.

                          The bigger question is, what are you hosting to the internet?

                          • scottalanmillerS
                            scottalanmiller @Alex Sage
                            last edited by

                            @anonymous said:

                            @gjacobse said:

                            I can secure a hard drive in an airtight container, encapsulate it in 4 inches of steel, 200 inches of concrete, then drop it in the deepest part of the ocean. If someone thinks it has value, they will try to retrieve it.

                            The funny thing is someone would think that it has value, because of all the work you put into protecting it 🙂

                            I guess that's my point here. This is my home server, it's not like I am protecting company information. How far is too far?

                            Depends, is the value in learning about security practices? Or do you really feel that you are protecting something worthwhile?

                            • BRRABillB
                              BRRABill @Dashrender
                              last edited by

                              @Dashrender said:

                              That's not really an issue - he could have tons of gaming VMs, like Scott now has a Minecraft PE gaming VM.

                              The bigger question is, what are you hosting to the internet?

                              I'm just amazed to have that many servers for personal use. 🙂 Kudos!

                              • scottalanmillerS
                                scottalanmiller @GlennBarley
                                last edited by

                                @GlennBarley said:

                                I'm not sure there is ever "too much security." The more secure your systems are, the better.

                                I don't agree. That's the same logic that SMBs use to say "more availability is better", but we know that's far from true. Security, availability, performance, capacity - they all take time and money. They are only valuable as long as there is a return. Spending $100 to protect $10 doesn't make sense.

                                • scottalanmillerS
                                  scottalanmiller @BRRABill
                                  last edited by

                                  @BRRABill said:

                                  @Dashrender said:

                                  That's not really an issue - he could have tons of gaming VMs, like Scott now has a Minecraft PE gaming VM.

                                  The bigger question is, what are you hosting to the internet?

                                  I'm just amazed to have that many servers for personal use. 🙂 Kudos!

                                  Well think about building a lab. You want a storage device, jump box and logging kind of at a minimum. That's three.

                                  Now you want to test out a few OSes. You might have a VM for 2012 R2, 2016, 2012, 2008 R2, 2008, 2003 R2, CentOS 6, CentOS 7, Suse Leap, Suse Tumbleweed, Ubuntu 14.04, Ubuntu 15.10, Fedora 23, Arch Linux, Debian Jessie, FreePBX, FreeBSD, NetBSD, DragonFly, Solaris, Windows 10 and Gentoo.

                                  That's 25 VMs without running any services, just having vanilla test platforms for different OSes!

                                  • BRRABillB
                                    BRRABill @scottalanmiller
                                    last edited by

                                    @scottalanmiller said:

                                    Now you want to test out a few OSes. You might have a VM for 2012 R2, 2016, 2012, 2008 R2, 2008, 2003 R2, CentOS 6, CentOS 7, Suse Leap, Suse Tumbleweed, Ubuntu 14.04, Ubuntu 15.10, Fedora 23, Arch Linux, Debian Jessie, FreePBX, FreeBSD, NetBSD, DragonFly, Solaris, Windows 10 and Gentoo.

                                    That is "a few" OSes?

                                    Hey, to each their own. I have a hard time just managing my Xbox One.

                                    • scottalanmillerS
                                      scottalanmiller
                                      last edited by

                                      It's not many, really. All mainstream ones that you might want to have access to to test something or see how it installs or whatever. More than I test, but not many more. I don't test Arch or DragonFly, for example. But if you are testing appliances like FreeNAS and NAS4Free those will add up quickly too!

                                      • A
                                        Alex Sage @scottalanmiller
                                        last edited by Alex Sage

                                        @scottalanmiller said:

                                        Well think about building a lab. You want a storage device, jump box and logging kind of at a minimum. That's three.

                                        I don't have a storage device or logging yet. What do you recommend? And what do you mean by a storage device? Like for shared /home?

                                        • scottalanmillerS
                                          scottalanmiller
                                          last edited by

                                          Yeah, like a shared NFS or SMB for Windows. Or even ownCloud and stuff like that.

                                          Logging... ELK. Can't beat it.

                                          • travisdh1T
                                            travisdh1 @BRRABill
                                            last edited by travisdh1

                                            @BRRABill said:

                                            @scottalanmiller said:

                                            Now you want to test out a few OSes. You might have a VM for 2012 R2, 2016, 2012, 2008 R2, 2008, 2003 R2, CentOS 6, CentOS 7, Suse Leap, Suse Tumbleweed, Ubuntu 14.04, Ubuntu 15.10, Fedora 23, Arch Linux, Debian Jessie, FreePBX, FreeBSD, NetBSD, DragonFly, Solaris, Windows 10 and Gentoo.

                                            That is "a few" OSes?

                                            Hey, to each their own. I have a hard time just managing my Xbox One.

                                            Oh, that's just a start. Much easier to manage today than it was "back in the day" as well! Over the whole Y2K thing I was interning, and had set up a computer to multi-boot Windows 95, 98, ME, XP, OS/2, OS/2 Warp, Red Hat 4, and I'm not sure how many different x86 compatible machine control things. I was ECSTATIC when that new thing called VirtualBox came around. Just thinking about what, and how easily, we can do things today compared to back then can make my head spin.

                                            Edit: I forgot NT3.5, 4.0 and Windows 2000 as well.
