Week 1 Posting – Introduction

#1 · November 30, 2024, 9:12 am

Quote from tekrp on November 30, 2024, 9:12 am

Hello world, this is my introduction for System and Network Hardening. I am excited to take this class to learn current “best practices” for the network and systems I’ve been standing up. Not to long ago, last week I think, my webserver was attacked with an SQL Injection, got locked out and while I was able to get my way back in to reset things, this malicious being decided to corrupt everything of which now I am rebuilding. This is why currently you will see half of my webpages are blank. That is because I had to export the *.csv direct from the database. I’ve gotten some help from an old friend on directions for restoring the data into the database, but I decided to go the manual/long way to learn more about what the processes are that happen within a database. I’m fascinated by it and will eventually just have one big SQL server running in the house for everything, which I’m sure will go down and I’ll lose everything again when I decide to either scale it or split off the storage to its own server.

Ok, getting my ADHD back on track here, focus Tek focus. Don’t worry, I have backups for everything just not when I’m building. This has been a learned lesson, before I start building anything, establish the backups. Here is a good reason why, I needed to be able to SSH into my server to build it, but that leaves a vulnerability. Sure, I close the SSH port at the gateway before ending for the night and reopen it when I’m ready to get back to work again on it. But my install process of the server showed that I should have both http/80 and https/443 ports opened and since I have the SSL installed through Certbot, should I keep http/80 open? None of the tutorials or guides that I have used has mentioned closing http/80 after establishing the SSL, but always give warnings about SSH/22 and FTP/SFTP ports.

This is an example of why I wanted to go back to school, to learn theory and best practices, that way I won’t have to rely on tutorials 100% that maybe might miss something here or there. To everyone reading this, head over to the Resources tab at the top and select Educational from the drop down. Tell yourself to learn one subject every 3 months or less, you can do it, it’s awesome!

Hello world, this is my introduction for System and Network Hardening. I am excited to take this class to learn current “best practices” for the network and systems I’ve been standing up. Not to long ago, last week I think, my webserver was attacked with an SQL Injection, got locked out and while I was able to get my way back in to reset things, this malicious being decided to corrupt everything of which now I am rebuilding. This is why currently you will see half of my webpages are blank. That is because I had to export the *.csv direct from the database. I’ve gotten some help from an old friend on directions for restoring the data into the database, but I decided to go the manual/long way to learn more about what the processes are that happen within a database. I’m fascinated by it and will eventually just have one big SQL server running in the house for everything, which I’m sure will go down and I’ll lose everything again when I decide to either scale it or split off the storage to its own server.

Ok, getting my ADHD back on track here, focus Tek focus. Don’t worry, I have backups for everything just not when I’m building. This has been a learned lesson, before I start building anything, establish the backups. Here is a good reason why, I needed to be able to SSH into my server to build it, but that leaves a vulnerability. Sure, I close the SSH port at the gateway before ending for the night and reopen it when I’m ready to get back to work again on it. But my install process of the server showed that I should have both http/80 and https/443 ports opened and since I have the SSL installed through Certbot, should I keep http/80 open? None of the tutorials or guides that I have used has mentioned closing http/80 after establishing the SSL, but always give warnings about SSH/22 and FTP/SFTP ports.

This is an example of why I wanted to go back to school, to learn theory and best practices, that way I won’t have to rely on tutorials 100% that maybe might miss something here or there. To everyone reading this, head over to the Resources tab at the top and select Educational from the drop down. Tell yourself to learn one subject every 3 months or less, you can do it, it’s awesome!