Home
Top 10 things to secure your network
- Details
- Category: Information Technology
- Hits: 110
1. Implement a firewall
The de facto firewall for Ubuntu is ufw (uncomplicated firewall). I personally love this tool as it is easy to configure and maintain. You recall that CIS Benchmark I have referred to numerous times in this article and others? Yeah. Follow that. There are a couple of other firewall packages that are referenced in the guides. Pick one and use the recommended settings.
By default, I would recommend to block all inbound traffic from the internet, allow all outbound traffic from the server, and block all but port 22/TCP (for ssh access) and any other required ports on the local network. My personal go to is to block everything by default and then add rules only for services I
Firewall Configuration for HA Clusters on Linux
- Details
- Category: Information Technology
- Hits: 244
In my previous article, I showed you how to configure high availability clustering for MySQL or MariaDB. But what if you are working in a secure environment where you need to have all ports locked down except those required for functionality? There are a variety of ports that will need to be open depending on required functionality. But they do not have to be open to the world. This article is working under the assumption that the firewall is enabled and already
Create a Highly Available MySQL Cluster
- Details
- Category: Information Technology
- Hits: 262
This document is intended to walk you through setting up multiple servers to store your databases. You can of course get by with a single server, but then this document would not be for you. Our requirement is to configure a cluster of servers to allow us to perform maintenance on any one server in the cluster while maintaining access to the data stored in the cluster.
It is important to note that this will not speed up access to data. That is not the goal. Only
Using an immutable desktop
- Details
- Category: Information Technology
- Hits: 1970
There seems to be a new trend in IT -- immutability. But what is it? Immutability is a security mechanism intended to assure the user (or engineer) that the system they built remains as it was built without the addition of any mailware or modified configurations caused by any nefarious actors. Think of it as installing your operating system on a CD. A bad actor cannot modify the files on the CD because they are read only. This is the same for the operating system partition. But how do you
Page 1 of 2