The Best Practices for System Administrators

6,881 views

Published on

In this presentation I discuss a few things every system administrator needs to keep in mind when securing and deploying a new system or keeping up an old system.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
6,881
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
175
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

The Best Practices for System Administrators

  1. 1. Best Practices for System Administrators<br />By: Lance Howell<br />9/1/2011<br />CC: Lance Howell<br />1<br />
  2. 2. Knowledge Updates<br />Know Your System<br />Security Bulletins<br />Training (conferences, courses, continuing ed, user groups)<br />9/1/2011<br />Lance Howell<br />2<br />
  3. 3. Physical Security<br />Install System in a Secured Location.<br />Do Not Leave Console Logged In. <br />Do Not Stay Logged In as an Administrator.<br />Configure Console to Logout Just In Case You Forget.<br />9/1/2011<br />Lance Howell<br />3<br />
  4. 4. Keep Your Systems Lean and Mean<br />Minimum Services and Packages.<br />Remove Extra Services Running on the System.<br />Close Unused TCP/UDP Ports<br />9/1/2011<br />Lance Howell<br />4<br />
  5. 5. Superuser Password<br />Use Lengthy Password. <br />Never Store Password as Plain Text or Write Down on Paper. <br />Use Mixture of Upper and Lower Characters. <br />Configure Password-Aging Feature, If Available. <br />Use Shadow Password Feature. <br />9/1/2011<br />Lance Howell<br />5<br />
  6. 6. Delegating Superuser Tasks<br />Risk that Someone will Abuse His or her Superuser Status.<br />Impossible to Trace an Act of Misconduct Based on Who Logged into the Computer. <br />Use Super User DO Utility (sudo)<br />9/1/2011<br />Lance Howell<br />6<br />
  7. 7. User Passwords<br />Password Aging<br />Minimum Length<br />Non-Dictionary Words<br />Passwords Uniqueness<br />Password History<br />9/1/2011<br />Lance Howell<br />7<br />
  8. 8. Restrict Users<br />Accept Connections from Only Known IP Addresses.<br />It is Better to Lock System Down from the Start.<br />9/1/2011<br />Lance Howell<br />8<br />
  9. 9. User Education<br />Educate Users and Help-Desk Personnel about Basic Security Issues and Practices. <br />9/1/2011<br />Lance Howell<br />9<br />
  10. 10. An Updated System is a Happy System<br />Security Patches from System Vendors. <br />Test Patches before Deploying.<br />9/1/2011<br />Lance Howell<br />10<br />
  11. 11. Vulnerability Testing<br />Scan Your System Periodically<br />Security Assessment <br />9/1/2011<br />Lance Howell<br />11<br />
  12. 12. Monitor Your Logs<br />Maintain System Logs<br />Log Analyzers: Threshold Crossing Alarms, Login Attempts, and Failures.<br />Monitor Unauthorized Modification of System Files and Configuration Files.<br />9/1/2011<br />Lance Howell<br />12<br />
  13. 13. Configuration Documentation<br />Document Any Change in System Configuration. <br />Disaster Recovery<br />Detection for an Intruder<br />9/1/2011<br />Lance Howell<br />13<br />
  14. 14. Backup and Disaster Recovery<br />Frequency.<br />How Much to Backup.<br />How Long the Backup Data to be Stored. <br />Good Documentation for Backup and Recovery Procedure.<br />9/1/2011<br />Lance Howell<br />14<br />

×