For this kind of scenario, I would have to create a server from scratch so I can be able to identify any types of vulnerabilities on any of these server requirements stated below. Any of these can be at risk at any time, so creating a new server from scratch would be most recommended. Because it is kind of safer than Windows because most viruses and worms are written for Windows but it doesn’t mean Linux can be attacked.
- A Web Server
- A database server
- A Simple Mail Transfer Protocol (SMTP) server
A file server customers’ loan applications and other personal data files First of all, since Linux is mostly an open-source type of software running server, it is very vulnerable to any kinds of attacks, or as Linux calls them, crackers. Many malicious attacks on Linux and related applications will also grow. The Web Server isn’t much of a risk because but it is still an important software that can have a high risk of being attacked because it’s known as an open-source, so having any personal information stored inside it, can be at risk of being exposed to a cracker (hacker).
The Database Server is a very high risk of vulnerabilities because this is where important data and files are being stored in. Again, this is still an open-source software so protecting this kind of software is important to the company. A Simple Mail Transfer Protocol (SMTP) and a file server for customers’ loan applications and other personal data files are a must protect! These are open-sources too, so basically all of these server requirements are open source, no surprise. But protecting all these will require a lot of attention especially the SMTP, file server for customers’ and the database server. Here are some steps/tools that you can use to stop any kinds of attacks upon these servers: Identify any risks/vulnerabilities these servers have:
- Open ports
- Burp Suite
There’s more of these but these are the basics of protecting your Linux system from attacks. Follow these steps and you’ll be able to have any risks on your Linux systems.