Protecting a server from users

How can I protect my critical servers from internal users? They can simply use the IP address of the server to bring it down.

Most internal private networks should be considered hostile even though they are supposed to be protected. This is why any policy protecting the network at the perimeter should also be used internally. A computer network should not be like an M&M -- hard on the outside and soft on the inside. Instead, all policy outside and inside should be the same.

Servers should be protected with a proper infosec policy, auditing, and management. Host IDS should be used at ALL critical servers -- even on the inside. If you follow these rules and harden ALL your devices no matter the location, then you will be protected. If you feel you have a threat internally, I suggest using IDS Network and Host, both on the external (or extranet) and Internet networks. Enable advanced logging and AUDIT those logs. Additionally, have your management buy into a policy that dictates the termination of people who attempt to hack or crash your internal systems. Most companies have a policy that says only infosec can run scanners and other hacker/cracker software.

Create the policy and post it. That should cure most of your issues. Place logging devices (IDS), and enable logging on your servers.

Finally, as stated, always assume your networks are hostile, even the inside systems and hosts/users.


This was last published in February 2002
