At Terrier SC, we have been managing servers for more than a decade. We manage our own servers for our core infrastructure, for our product development and test and, most importantly, we manage our customers’ servers running our IP Alarm Receivers.
At the initial concept stage nearly 15 years ago, our development guru selected a well-known and widely available Linux distribution as an operating system for our servers. We did not need a “bleeding edge” distro so we used Red Hat. We later moved to CentOS when that became widely used and set up for the long-term. You don’t get the latest features but we don’t need them. We value the fact that it just runs and runs and runs….
Most servers are behind firewalls but we always lock down its own firewall tight as well. Without connectivity a server can’t do anything. But where there is connectivity, there are points of access and care must be taken about vulnerabilities.
Vulnerabilities arise for different reasons. Sometimes it is because of a new hack, sometimes it is because an old piece of code that is no longer fit for use. The Internet is a fast-changing environment and each new thing can disrupt the current order. Discussion of operating system bugs and vulnerabilities takes place across the globe and in many different forums and it is a major, major task to keep track of them.
Fortunately, this creates a commercial opportunity for companies to provide this information to computer users. For PCs, we have companies such as McAfee, Norton and Kaspersky. For servers, we have Nessus, Qualys and others – their software software scans servers and is able to detect vulnerabilities.
Nessus and Qualys reports help keep us up to date and guide the way we configure operating systems. It is reassuring that our systems are as well-protected as possible. It is a harsh world out there and it’s important to stay vigilant. You have to do the detail every time, over and over! There isn’t an option.