Monitoring Networks

It is important to monitor the network and make sure that the traffic on it belongs there. In this section, we will explore basic network monitors. Network Monitors: Network monitors, also called sniffers, were originally introduced to help troubleshoot network problems. Simple network configuration programs like Ipconfig don’t get down […]

Enable SSH Login Notification on Linux

Is the Linux server used by multiple customers? If that’s the case, consider adding an SSH login notification whenever someone logs in. The example below sends an e-mail if somebody logs in to your server. For this to work, your server must be able to send mail while […]


Disaster Recovery

Disaster recovery is the ability to recover system operations after a disaster. A key aspect of disaster recovery planning is designing a comprehensive backup plan that includes backup storage, procedures, and maintenance. Many options are available to implement disaster recovery. The following sections discuss backups and disaster recovery planning. Types […]

Redundant Array of Independent Disks

Redundant Array of Independent Disks (RAID) is a technology that uses multiple disks to provide fault tolerance. There are several designations for RAID levels. RAID Level 0: RAID 0 is disk striping. It uses multiple drives and maps them together as a single physical drive. This is done primarily for performance, […]


Identifying Critical Systems and Components

Sometimes your systems are dependent on things that you would not normally consider. Basic utilities such as electricity, water, and natural gas are key aspects of business continuity. In the vast majority of cases, electricity and water are restored – at least on an emergency basis – fairly rapidly. The […]

Understanding Control Types False Positives/Negatives

Risk Assessment / Analysis involves calculating potential risks and making decisions based on the variables associated with those risks (likelihood, ALE, impact, and so forth). Once you’ve identified risks that you want to address with actions other than avoidance, you put controls in place to address those risks. The national […]


Securing wp-login.php with Fail2Ban

With the recent dictionary attacks becoming a daily occurrence on WordPress, I installed a simple configuration for fail2ban that requires no access to the backend of each site you host and works as an integral part of any Linux server system alongside iptables. This should protect all the sites […]

Security Policies continued

Security Policies: Security policies define what controls are required to implement and maintain the security of systems, users, and networks. This policy should be used as a guide in system implementations and evaluations. Mandatory Vacations: A mandatory vacation policy requires all users to take time away from work to refresh. […]