October 12th, 2008 by Gabriel

Some basic security policies that a Web Administrator should have to consider are -

1. who/which user is allowed to use the system
2. when the user is allowed to use it
3. which user granted which level of access
4. procedures for granting access to the system
5. remote and local access methods
6. system monitoring
7. suspected security breaches

If you don’t have a clear picture of what is permitted, you can never be sure when a violation has occurred.

General security precautions to take -

1. Limit the number of login accounts available on the machine and delete inactive users.
2. The Crack programs help to detect poorly chosen passwords hence force the people to use strong             passwords who have login privileges.
3. Unused services should be turned off. For e.g. if FTP is no longer needed then it should be stopped.
4. Check system regularly for suspicious activity.
5. Make sure that permissions are set correctly on system files.