Apache: Establishing Minimum Server Security

Good security requires common sense and thinking ahead. Let "Anonymous," an experienced hacker and security consultant, help you prevent unauthorized users from gaining physical access to your servers or network hardware.
This chapter is from the book

Before you even install Apache, you'll face several critical security issues, no matter what operating system you use. Generally, these issues are physical threats to your hardware and your host. In this short chapter, we'll race through the following issues:

  • Physical security concepts

  • Server location and access

  • Network topology

  • BIOS and console passwords

  • Media and boot security

  • Biometric access controls

  • Anti-theft devices

Physical Security Concepts

Your Apache system will face many threats, but of these, physical threats loom largest. This is because when someone has physical access, they can damage portions of your system and information infrastructure that remote attackers cannot reach.

The usual suspects:

  • Malicious local users

  • Disgruntled employees

  • Vandals or thieves

When administrators contemplate physical security, they typically think in purely catastrophic terms, mulling accidents, disasters, and theft. This is sensible, because all three are legitimate threats. However, catastrophes are worst-case scenarios from which a system cannot recover. Many less-than-catastrophic physical security breaches pose dangers not so obvious, and new administrators often overlook them.

Indeed, many physical security breaches leave no evidence trail. To appreciate this, think now of the machines you use in the normal course of business. These are likely located in your office or home. Each day, you boot these machines or log in, assuming that in your absence they sat quiet and undisturbed. What if they didn't?

What if, while you grabbed lunch, someone logged in and perused your files? Would you know it? This unpleasant scenario provokes suspicion, and rightly so. You, like most users, no doubt store sensitive data on your system. You'd hardly want others rifling through it. Let's run through a few pointers on how to prevent this.
