# What do you use for security?



## Solaris17 (Mar 26, 2010)

i was just wondering what you admins do for security? do you just run a windows server os with some AV? do you just close a bunch of ports? set all the dir and file permissions? what about you linux users? or CMS users? do you use CMs spacific security? how do you prevent SQL injections etc? a combination of the above?


----------



## jasper1605 (Mar 26, 2010)

on my win7 pro I use avg free.  And take the general approach of don't go to porn sites (more for moral reasons but my computer is equally happy about the change) where viruses run rampant


----------



## Solaris17 (Mar 26, 2010)

jasper1605 said:


> on my win7 pro I use avg free.  And take the general approach of don't go to porn sites (more for moral reasons but my computer is equally happy about the change) where viruses run rampant



are you talking about a desktop personal use PC? i was talking more about web hosting. and the security measures you take to make the site safe.


----------



## Zebeon (Mar 26, 2010)

What kind of servers.....
Webserver/email/sql/ect...

General:
A good AV and (spam filter if email)
Keep patches up to date
Run behind a router/FW close all un-needed ports/services and filter the open ports if possible.
Strong passwords!


----------



## r9 (Mar 26, 2010)

GUN under my pillow.


----------



## Solaris17 (Mar 26, 2010)

r9 said:


> GUN under my pillow.



um?


----------



## Disparia (Mar 26, 2010)

Patches/updates, strong passwords/prohibit weak encryption standards, limit hosts if you must connect to your SQL server remotely, check logs, don't be an open relay (email), etc.

As for coding, test it out. I keep the error log tailed while coding and purposely try to break my scripts/system. For injection, since I code in PHP5 I use PDO. The bindValue and bindParam methods prevent injection when someone tries to do a "1; drop all tables;" or "secret_destroy_server_command();"

If you're running someone else's scripts, pray that they knew what they were doing


----------



## jasper1605 (Mar 26, 2010)

Solaris17 said:


> are you talking about a desktop personal use PC? i was talking more about web hosting. and the security measures you take to make the site safe.



lol sorry, apparently I have SRD today (selective reading disorder) and only see and read what I want to see and read not the actual question.


----------



## regexorcist (Mar 27, 2010)

I run an openBSD desktop with a samba file server (user based security)
which is behind a router (NAT). May be adding a firewall next month.


----------



## Solaris17 (Mar 27, 2010)

does anyone strongly believe that running the site off of a VM is a pretty good way to keep baddies away?


----------



## Easy Rhino (Mar 28, 2010)

i am not going to tell you! you will just hack me then!


----------



## copenhagen69 (Mar 28, 2010)

r9 said:


> GUN under my pillow.





Solaris17 said:


> um?



lol ... you dont have proof this does not work


----------



## D007 (Mar 29, 2010)

I just have a link in my signature wherever I go.
That leads to a pic of that kid, who got stabbed in the head with a knife, for cheating in CS.

That or Kaspersky...hehe..

Firewalls seem to do me more harm than good.
Cause me more trouble than their worth. 
A good antivirus should do the trick by it's self.


----------



## Zebeon (Mar 29, 2010)

Not sure about a Vm-  It is a good idea, but nothing is totally safe-

Alot depends on what types of site you are going to host.
ex..  an e-commerce site that accepts CC and payments need to be alot safer than a personal page or such...

What kind of site(s) are you hosting? is it on a server or machine running xp. Dedicated web server?
Is it for a business or personal. -- do you need SSL?

There are several things to do depending on budget and how much security you need.

As before, A good start is to:
A good AV and (spam filter if email)
Keep patches up to date
Run behind a router/FW close all un-needed ports/services and filter the open ports if possible.
Strong passwords!

Be as invisible on the internet as possible.  The least amount of services and open ports you have the safer your sites will be.
Even go as far as block all ICMP will keep network scans from picking up your ip as a valid address.

Oh, and backup your site.... Just in case!! LOL


----------



## Wrigleyvillain (Mar 29, 2010)

The relatively new Microsoft Security Essentials.


----------



## regexorcist (Apr 7, 2010)

regexorcist said:


> I run an openBSD desktop with a samba file server (user based security)
> which is behind a router (NAT). May be adding a firewall next month.



As a follow up, I've just enabled the openBSD native *pf* (packet filter) *firewall*.
see link: http://en.wikipedia.org/wiki/PF_%28firewall%29

It's normally installed and enabled right "out of the box" on openBSD, 
but I disabled it until I had some idea of how it worked.


----------



## Oliver_FF (Apr 8, 2010)

Security through obscurity - use obscure usernames which contain numbers and swap to using non-standard ports for the important services (like SSH - get it off of port 22!). Its enough to keep the script kiddies away whilst still giving you access. Lets be honest - if a real criminal wants in to your server he's probably going to find some way in.


----------



## imperialreign (Apr 8, 2010)

Best security?  Unplug the damned hardline!


----------



## DRDNA (Apr 8, 2010)

I use avast home free edition .>> http://filehippo.com/download_avast_antivirus/
and
malewarbytes for the manual scans for maleware and adaware. >>http://filehippo.com/download_malwarebytes_anti_malware/
and
CCleaner for temp clean up and registry cleanup  >>http://filehippo.com/download_ccleaner/
and 
Smart Defrag for defrag >> http://www.iobit.com/iobitsmartdefrag.html


----------



## Deleted member 3 (Apr 8, 2010)

Solaris17 said:


> do you just close a bunch of ports?



That would be silly, you open a bunch of ports if required. All should be closed by default.


----------



## Black Panther (Apr 8, 2010)

DRDNA said:


> I use avast home free edition .>> http://filehippo.com/download_avast_antivirus/
> and
> malewarbytes for the manual scans for maleware and adaware. >>http://filehippo.com/download_malwarebytes_anti_malware/
> and
> ...



Ditto for all the above with the exception that I use Defraggler instead of Smart Defrag.
Then occasionally I run UltimateDefrag. Occasionally because it takes a bit long.


----------



## Solaris17 (Apr 8, 2010)

Just to be clear im talking about web hosting security. Like what do you do to keep your site safe?


----------



## mdsx1950 (Apr 8, 2010)

I'm not sure about this.. But this might help :

http://webhostinggeeks.com/blog/2009/05/07/protect-your-site-from-maliciously-activities/


----------



## FordGT90Concept (Apr 8, 2010)

Never browse the Internet unprotected:






Works every time.


----------



## Boyfriend (Apr 8, 2010)

Lol


----------



## 1Kurgan1 (Apr 8, 2010)

When I seen this thread on the main forums it was "What do you use for protection" by Boyfriend... Thats just win.


----------



## Solaris17 (Apr 8, 2010)

1Kurgan1 said:


> When I seen this thread on the main forums it was "What do you use for protection" by Boyfriend... Thats just win.



really because the title has never been changed.


----------



## Easy Rhino (Apr 8, 2010)

Solaris17 said:


> really because the title has never been changed.



no you!


----------



## lemonadesoda (Apr 9, 2010)

I have yet to find decent FREE security method/software for Windows SERVER.  It's horrible; all the free software wont install on server, but offer you server editions for gazillions of dollars.


----------



## Easy Rhino (Apr 9, 2010)

lemonadesoda said:


> I have yet to find decent FREE security method/software for Windows SERVER.  It's horrible; all the free software wont install on server, but offer you server editions for gazillions of dollars.



don't use windows server


----------



## Boyfriend (Apr 9, 2010)

1Kurgan1 said:


> When I seen this thread on the main forums it was "What do you use for protection" by Boyfriend... Thats just win.



Ha Ha Ha


----------



## Deleted member 3 (Apr 9, 2010)

Easy Rhino said:


> don't use windows server



If it's just a webserver Windows has no real added value apart from personal preference. Though in an office it clearly does.


----------



## Asylum (Apr 9, 2010)

I have a 9mm i take around with me.


----------



## Flyordie (Apr 9, 2010)

I use Internet Explorer 9 x86-64 now...

I run all my internet traffic through a web traffic scanner (packet level virus inspection)...  Avast Corporate Server Edition (wee new name!)

All in all- Avast stops most infections.  I also check system folders for changes intermittently.


----------

