Sockets/Server security

Hey. Hope you are feeling well.

I've been playing around with sockets for a while now. It's starting to feel good, but how can I take it to the next level now? I feel I need more information about security and how to keep the server safe from threats. More about what's important to know and how to protect against common attacks. Maybe some serious books about it or something similar.


Any suggestions?
Socket programming is a very different skill set and largely unrelated to securing a server (most TLS libraries wrap the socket and encryption protocol together, but technically speaking they're still different). The basics of security are largely common sense. Don't use weak passwords, don't give passwords out, etc.; use PAM or LDAP authentication when possible instead of another authentication method. Disable root SSH logins and require SSH key authentication. Don't allow external access to internal services (e.g., your database, your network monitor, etc.). Make sure to always keep security updates applied. Make sure your firewall is enabled and doing exactly what you think it is. Security is an entire discipline that you could spend your entire life researching. A fun project (and actually what got me into system administration and some security) is setting up a web server and securing it with a Let's Encrypt certificate. Bonus points if you get higher than a B on SSL Labs.

Edit:
Some interesting links:
https://www.sshaudit.com/hardening_guides.html
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html-single/system_administrators_guide/index
https://www.ssllabs.com/ssltest/
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/pdf/selinux_users_and_administrators_guide/Red_Hat_Enterprise_Linux-7-SELinux_Users_and_Administrators_Guide-en-US.pdf
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/pdf/security_guide/Red_Hat_Enterprise_Linux-7-Security_Guide-en-US.pdf
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/pdf/kernel_administration_guide/Red_Hat_Enterprise_Linux-7-Kernel_Administration_Guide-en-US.pdf
https://mozilla.github.io/server-side-tls/ssl-config-generator/
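The SSH advice in the answer above (disable root logins, require key authentication) can be checked mechanically. This is an added example, not code from the thread: a small Python audit of `sshd_config` text, where the sample config is constructed and the defaults assumed for missing keywords are those of current OpenSSH releases. `Match` blocks and `Include` files are not evaluated.

```python
import re

# keyword -> (assumed OpenSSH default when absent, values accepted as hardened)
CHECKS = {
    "permitrootlogin": ("prohibit-password", {"no"}),
    "passwordauthentication": ("yes", {"no"}),
    "pubkeyauthentication": ("yes", {"yes"}),
}

def effective_settings(config_text):
    """Global keyword -> value. sshd keeps the FIRST value it reads."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank or commented-out lines have no effect
        parts = re.split(r"[\s=]+", line, maxsplit=2)
        keyword = parts[0].lower()  # keywords are case-insensitive
        if keyword == "match":
            break  # everything after Match is conditional, not global
        if len(parts) > 1:
            seen.setdefault(keyword, parts[1].strip('"'))
    return seen

def audit(config_text):
    """Return [(keyword, effective value, ok)] for each checked setting."""
    settings = effective_settings(config_text)
    return [(key, settings.get(key, default), settings.get(key, default) in good)
            for key, (default, good) in CHECKS.items()]

# Constructed sample showing three common mistakes: a later line that does
# not override an earlier one, a commented-out setting, and a setting that
# only applies inside a Match block.
SAMPLE = """\
Port 22
PermitRootLogin yes
PermitRootLogin no
#PasswordAuthentication no
PubkeyAuthentication yes
Match User backup
    PasswordAuthentication no
"""

if __name__ == "__main__":
    for keyword, value, ok in audit(SAMPLE):
        print(f"{'OK  ' if ok else 'FAIL'} {keyword} = {value}")
```

On a live host, `sshd -T` prints the configuration the daemon actually resolves, including `Include` files, and is the authoritative check.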
Hey man. This is gold. Thanks a lot!
Great stuff here, thanks.