
I have been instructed to administrate a Linux server, running SLES out of the box. It’s a Typo3 web server, and some web apps are running in Tomcat, too, but there is no sensitive content on that server (no personal information, no credit card numbers or the like) which would require special protection. The server is provided by a data center, which does

  • any hardware related stuff from disk redundancy to fire protection
  • run a firewall, restricted to the very most possible
  • backups of the data each night with
    • MySQL dumps right before backup starts

Besides the “user application”, I already set up & checked that

  • all services start up automatically after reboot
  • the server does neither run in, nor reboot into runlevel 5 by accident
  • measured values (memory, disk space, CPU) are being monitored
  • log file rotation for applications installed manually is configured
  • automatic OS updates are enabled
  • the system clock does synchronize with a time server

Being left alone this way, when and why do you think this installation will go out of service (be it from an internal error or from being broken into by hackers) because something has been overlooked by the unaware? In your experience, what is strikingly missing from my list?

Matthias Ronge
  • This question is too generic and does not provide information about kind of server, what type of data, what security level, SLAs, hardware specs. Security, monitoring, automation or backup are too wide areas of expertise on their own. – dawud Apr 09 '13 at 10:56
  • First, you need to know EXACTLY how the farm (or probably in your case, one server) is built. And what it does, and how, and with which programs. And all this information shall be written here too. Otherwise we can't do anything other than give you down votes or very good looking guesses, that might create bottlenecks, or don't serve anything, or other stuff. It's just too unspecific. Use Google for a question like this. Or improve your question. – Harrys Kavan Apr 09 '13 at 10:57
  • It is a generic question, but I think it is legitimate as this may well be a customer's only specification initially - the OP is asking for a general list of things that they should consider when asked by a customer to do something unspecific. – dunxd Apr 09 '13 at 11:05
  • This is a question that should not be answered by a checklist, but by a book. Or possibly several books. – Jenny D Apr 09 '13 at 11:10
  • @dunxd The only thing you should do when asked to do something unspecific is quote back an unspecific rate. `Yeah, that will cost you some hundreds of dollars an hour, depending on what I end up doing, and what kind of mood I'm in when I write up the bill.` – HopelessN00b Apr 09 '13 at 21:27
  • Really? I would love to work in this world where all customers are sysadmins and know how to specify what they need without any assistance from those they consult. Oh - hang on, if they know everything already they don't need my help... Damnit. – dunxd Apr 10 '13 at 10:30
  • @JennyD Do you know a good one? – Matthias Ronge Apr 12 '13 at 07:13
  • @Paramaeleon Go to oreilly.com, browse subjects, look at Security. Anything by Gene Spafford, Bruce Schneier, Simson Garfinkel is highly recommended. You may also want to have a look around at the sister site IT Security here, reading questions there will give you a picture of what kind of issues security professionals face. For main systems admin, oreilly has that too - look first for Essential Systems Administration. You may also want to look at iTunes University, there are courses there that can be very useful. – Jenny D Apr 12 '13 at 07:22

1 Answer

If I were asked to “take care of a customer’s server”, I'd probably ask if they mean it the "Al Pacino" or the "Julie Andrews" way of "taking care of". (sarcasm)

Everything depends on what is running on the server. You can (and you should) monitor every important service like DB, RAM, webapp, ... (for example with Nagios).

Restrictive packet filtering is of course a good idea.

You should evaluate the necessity of remote logins (ssh, rdp, ...) and secure them accordingly.

You should secure the services on the server by creating separate users, adjusting access rights, using SELinux, whatever.

Sensitive data protection really depends on the data's sensitivity. But at least protect it by access rights and eventually by encryption. It really depends on the particular situation.

Letting the server handle (=install) updates automatically is, for me, a really stupid idea. Since some updates may need a restart of a service or even a reboot of the whole machine, it can result in some funny moments when the server "goes down" at 3 a.m. or (even better) when it should serve a few hundred clients. A better approach is to turn updates off and do them manually, like once a month. (In big networks this can be a painful process, but I personally like servers "under my control".)

Fiisch
  • Which RAM parameter is sensible to monitor? RAM size doesn’t change. Free memory gets filled up by disk cache, so this doesn’t make much sense, either, does it? What aspect of the webapp do you think should be monitored? Just that it is reachable? The number of users logged in? Session length? It’s interesting that you disagree with automatic updates. It raises another interesting point: It should be tested that all services come up well automatically after a reboot. – Matthias Ronge Apr 09 '13 at 11:31
  • If you need a quickly responding server which hosts, let's say, a database, the RAM consumption is good to watch. It provides you with data to build on and determine the hw upgrade when the time comes. Swap is slow when compared to RAM, thus making the server slow-responsive. Also, if you run out of swap, the server will die. This can happen due to a bug, an attack, bad settings, ... and it is good to know if there is something likely-bad happening. For the autoupdate thing: you probably didn't get my point. It can be the restart itself that is unwanted. – Fiisch Apr 09 '13 at 11:47
  • Also, a service cannot be reliably tested for an "update in the future" because you simply cannot say what the developers will change. I've seen (a few times) that an update of httpd messed up configuration files. It happened because the configuration of the webapp was poorly written, but this fact really doesn't matter at the time the customer calls you complaining that "it isn't working". – Fiisch Apr 09 '13 at 11:50
  • Thanks so far, I'll try to incorporate it into the question. I didn’t know Linux servers do reboot automatically, too. “RAM consumption of selected applications” is what you mean, isn’t it? Manually updating means scheduling a regular date in your calendar. – Matthias Ronge Apr 09 '13 at 11:56
  • Few distros will automatically reboot the server, but most will restart services. And when you monitor free RAM you include both unused memory and memory used for disk cache - both are available for apps when they need it. – Grant Apr 09 '13 at 12:06
  • Well, you didn't mention specifically Linux servers, so I presumed a "generic server" with any OS. As Grant said, few Linux distros do reboot servers, but this is mainly the domain of Windows :)) Anyway, back to Linux: the update can be - for example - the kernel. That is a thing I wouldn't update without evaluating the impact first. – Fiisch Apr 09 '13 at 12:12
  • That’s good, I intended the question to be general to fit others, too. In my case, kernel updates are scheduled together with the data center, but it's a good point for someone first getting in touch with it. – Matthias Ronge Apr 09 '13 at 13:12
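The comment thread above settles on "RAM consumption" as the thing to watch and notes that free RAM alone is misleading because the page cache counts as available. As an added example (not code from the question, the answer, or Nagios itself), here is a Nagios-style plugin that reads /proc/meminfo, treats buffers and page cache as reclaimable, and also alarms on swap use, since running out of swap is the failure mode Fiisch describes; the sample /proc/meminfo text and the percentage thresholds are constructed assumptions.

```python
"""Nagios-style memory check that counts page cache as available memory."""
import sys

# Constructed sample of /proc/meminfo (kB); not captured from a real host.
SAMPLE_MEMINFO = """MemTotal:        8167848 kB
MemFree:          201004 kB
MemAvailable:    5103356 kB
Buffers:          412116 kB
Cached:          4490236 kB
SwapTotal:       2097148 kB
SwapFree:        1572864 kB
"""


def parse_meminfo(text):
    """Return {field: kB} from text in /proc/meminfo format."""
    info = {}
    for line in text.splitlines():
        if ":" in line:
            key, rest = line.split(":", 1)
            info[key.strip()] = int(rest.split()[0])
    return info


def available_kb(info):
    """Memory the kernel can give to applications on demand.
    Newer kernels export MemAvailable; older ones only give the parts,
    so fall back to free + buffers + page cache (all reclaimable)."""
    if "MemAvailable" in info:
        return info["MemAvailable"]
    return info["MemFree"] + info.get("Buffers", 0) + info.get("Cached", 0)


def check_memory(info, warn_pct=20, crit_pct=10, swap_crit_pct=50):
    """Return (exit_code, message); Nagios codes 0=OK 1=WARNING 2=CRITICAL."""
    avail_pct = 100.0 * available_kb(info) / info["MemTotal"]
    swap_total = info.get("SwapTotal", 0)
    swap_used_pct = 0.0
    if swap_total:
        swap_used_pct = 100.0 * (swap_total - info["SwapFree"]) / swap_total
    msg = "available %.1f%%, swap used %.1f%%" % (avail_pct, swap_used_pct)
    if avail_pct < crit_pct or swap_used_pct > swap_crit_pct:
        return 2, "CRITICAL - " + msg
    if avail_pct < warn_pct:
        return 1, "WARNING - " + msg
    return 0, "OK - " + msg


if __name__ == "__main__":
    with open("/proc/meminfo") as fh:  # real host when run as a plugin
        code, text = check_memory(parse_meminfo(fh.read()))
    print(text)
    sys.exit(code)
```

On the sample, MemFree alone is under 3% of RAM and a naive check would page someone at 3 a.m., while the reclaimable-aware check reports about 62% available and 25% swap used, i.e. OK.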