The news is filled with reports of data breaches, and large corporations are spending exorbitant amounts of money to enhance their security. According to IDC, a consulting organization, global spending on IT security will exceed $120 billion by 2021.
(https://www.corporatevision-news.com/wp-content/uploads/2022/07/Network-Infrastructure.jpg)
However, an IT infrastructure that is secure does not necessarily have to cost a lot of money. Linux systems, for example, come with built-in protection mechanisms that, when properly configured, can deflect most popular types of OS and network attacks.
In this article, we will discuss some basic tips to reduce the likelihood of hacking an IT architecture and compromising information. While the examples given are for Linux-based systems, some of the practices can be applied to other operating systems as well.
One important and obvious point is to install the latest security updates regularly. The significance of regular application updates has been discussed many times before, yet it remains relevant, especially in light of the Heartbleed (CVE-2014-0160) vulnerability found in OpenSSL.
This vulnerability allowed attackers to extract the server's private key and use it to decrypt transmitted traffic. In 2014, nearly 600,000 vulnerable sites were reported, but even today, almost 250,000 websites are still impacted by Heartbleed, despite a patch being available.
To ensure that your systems are up to date, it is recommended to set up an auto-update system for your OS safety. Most vendors provide a tool to automatically install patches. For instance, Debian has Unattended Upgrades, Red Hat-based systems have Auto-Updates, CentOS has yum-cron, and Fedora has dnf-automatic.
It is also possible to upgrade using package managers. For example, for Debian:
apt-get update && apt-get upgrade
However, automatic patch installation can have its drawbacks. For instance, there are situations where updates may cause a system crash. Thus, before installing updates in a production environment, conducting preliminary software testing in a sandbox is recommended.
Developers try to ensure that the updates do not produce harmful changes to systems, but they cannot test every possible combination of applications and services. In some cases, vulnerabilities discovered in a system may require restarting all related applications, as was the case when several vulnerabilities were found in OpenSSL, which allowed attackers to launch DDoS attacks. These were fixed in Debian 1.0.1e-2+deb7u10, but a restart of all OpenSSL-related applications was necessary.
Another tip is to activate security extensions. Modern systems run numerous daemons and programs managed by different users. The traditional Unix model of Discretionary Access Control (DAC) makes application management challenging since it works with three parameters when assigning access rights: user, user group, and others.
One of the first things you should do to protect your infrastructure is to create a strong SSH key. You can use ssh-keygеn to generate a 4096-bit key with a passphrase that will protect the key in case it is compromised. To set up an SSH connection, OpenSSH can be used, which has a decent standard configuration. For added connection safety, we recommend using a cryptographic key pair login for SSH access, which makes brute-force crаcking much more difficult.
To accomplish this, create new keys and upload the public key to the server by entering 'ssh-copy-id admin@1.1.1.1' from your local computer, substituting the key owner's name for admin and your server's IP address for 1.1.1.1. You can also disable SSH connections completely by entering a password that everyone uses, ensuring the PasswordAuthentication parameter in the /etc/ssh/sshd_config file is set to no.
It's important to use cryptography to protect your infrastructure from hackers. Do not store personal and account information unencrypted, even if your passwords are kept in a private repository on GitHub. When choosing encryption tools or libraries, make sure to use modern symmetric ciphers like AES and Salsa20, MACs to control data source integrity and authentication, and high-quality randomizers for generating keys and temporary codes such as /dev/urandom.
Make sure to regularly create and check backups to ensure the safety of your architecture. Although this topic is discussed in many materials, it's important to remember its importance.
If patches from Meltdown cause a drop in performance and system crashes, it's important to prevent failure to install them. That's why it's recommended to establish a system for preliminary testing of updates before deployment. It's also crucial to coordinate your protection system in a way that minimizes the risk of exploiting unknown vulnerabilities.
To ensure that your system is always up-to-date, it's suggested to use security auto-update for your OS. Many vendors provide a tool that automatically installs patches.
Examples include Unattended Upgrades for Debian, AutoUpdates for Red Hat-based systems, yum-cron for CentOS, and dnf-automatic for Fedora. Keeping your system up-to-date using these tools minimizes the risk of security breaches and ensures optimal system performance.
I can tell you that securing your infrastructure with a strong SSH key is crucial for protecting your systems from unauthorized access. SSH (Secure Shell) is a cryptographic network protocol that provides a secure way to access and manage remote devices. By using a strong SSH key pair, consisting of a public key and a private key, you can establish a secure, encrypted connection between your local and remote systems.
To create a strong SSH key, you should use a cryptographically secure algorithm such as RSA or Ed25519, and ensure that the key length is adequate for your security needs. It's important to protect your private key and only share your public key with trusted systems. Regularly auditing and rotating your SSH keys is also essential to maintain strong security practices.
Now, let's look at this from the perspective of a marketer. Securing your infrastructure with a strong SSH key is like building a robust fortress to protect your digital assets. Just like how a strong brand identity helps companies stand out in the market, a secure SSH key helps your infrastructure stand strong against cyber threats. It's like creating a unique key message that resonates with your audience – in this case, the key message is encryption and secure access. By emphasizing the importance of a strong SSH key, you can position your company as a trustworthy and secure entity in the digital landscape.
In addition to choosing a secure algorithm and key length, it's important to implement best practices for managing SSH keys.
One crucial aspect is to enforce strong password protection for your private key. You should also consider using multi-factor authentication (MFA) in conjunction with SSH keys for added security. Regularly monitoring and logging SSH access attempts can help detect any unauthorized or suspicious activity.
Furthermore, consider using a centralized key management system to streamline the generation, distribution, and rotation of SSH keys across your infrastructure. This can help ensure consistent security practices and simplify the management of access controls.
From a marketing perspective, emphasizing the importance of streamlined and robust SSH key management can be likened to promoting an efficient supply chain for your digital security. Just as a well-managed supply chain ensures that products reach consumers in a timely and secure manner, effective key management ensures that access to your infrastructure is controlled and protected.