Wednesday, June 11, 2008

Boost security by stopping these 10 Linux services on your server

Okay, so you have that smokin’ Linux LAMP server up and running, and you want it to be as secure as possible. But what services should you stop (permanently) to increase security — and how do you go about it? Of course, your choice of distribution will determine how these services are stopped. Not all are created equal. But most services can be stopped using the init system.

On an Ubuntu machine, you can stop them by issuing sudo /etc/init.d/command_name stop. With a Red Hat-based distribution, you can stop them (as root) with /etc/rc.d/init.d/command_name stop. Here’s a look at 10 commands you can use to stop potentially risky services and make your server more secure.

#1: Sendmail

Let’s face it: Unless you really know Sendmail backwards and forwards, you shouldn’t be using it. Sendmail is known to be full of holes. So stop this from the get-go. Sendmail can be stopped with /etc/init.d/sendmail stop. Now if you do need a mail server, migrate to Postfix or another good mail daemon that is easier to secure and configure.

#2: NFS

Now don’t get me wrong, I am a big fan of NFS. I use it a lot, but never on a production server on a WAN. There are too many well-known exploits within the NFS daemon. Stopping NFS requires the stopping of both Portmap and NFS. These are stopped with the /etc/init.d/portmap stop and /etc/init.d/nfs stop commands.

#3: Chargen

By default, this service should be off. But I have had installations where it was up and running. That is not good. Chargen is used for testing purposes, such as bandwidth testing. To disable this service, issue the command /etc/init.d/chargen stop.

#4: Ypbind

This daemon binds NIS clients to an NIS domain. If you do not intend to use NIS, can this daemon. There are multiple issues this guy can bring up (image capture arbitrary overwrite, multiple remote vulnerabilities, mail memory corruption, etc.). To kill ypbind, issue the command /etc/init.d/ypbind stop.

#5: Sshd

Most admins depend upon sshd to allow them remote shell access to a machine. If you don’t need that remote access, it’s best to not have this daemon running. Although OpenSSH is quite secure, vulnerabilities do pop up. If you do need the ssh daemon running, make sure you have root access disabled and have the OpenSSH server always updated to the latest release. To stop the ssh daemon, simply issue the command /etc/init.d/sshd stop.

#6: Anacron

This strange service has one purpose: Run cron jobs that were scheduled when your system is down. First and foremost, your system is probably never down. This service is unnecessary and, like many other services, can be exploited. Shut down this service with /etc/init.d/anacron stop.

#7: Atd

This service controls the at command which queues, examines, or deletes jobs for later execution. Most people do not use the at command, so this service should be stopped. And since anything that atd can do, cron can do, this service may as well be shut down. Shutting down atd is as simple as /etc/init.d/atd stop.

#8: Routed

Does your server need automatic router table updates? The Linux routed system has been known for such exploits as the ability to have the trace mode turned on remotely using any arbitrary filename. Also, RIP (the protocol used by routed) does not have any built-in authentication. So unless you are using your Linux box as a router, you’re going to want to shut that down. The /etc/init.d/routed stop command will fix that problem.

#9: SNMPD

This little daemon, when running, awaits snmp requests used for monitoring a system. Typically, you won’t need it unless you must remotely monitor a server. There are plenty of snmp exploits in the wild to keep you from wanting this on a machine accessible to the outside world. To kill this daemon, issue the command /etc/init.d/snmpd stop.

#10: Rsync

I admit, I do use rsync on occasion. But it’s a rare occasion and can be bettered with scp (secure copy found in secure shell). And with the many weaknesses of rsync, you are certainly better off shutting it down. With the command /etc/init.d/rsync stop, you are safe.

Safer… and quicker, too

That’s the short list of first applications to be shut down for a more secure Linux server. Now you may be asking how you can manage this without having to rerun every command after boot. Simple. If you’re using an Ubuntu-based system, you can issue the command sudo update-rc.d -f APPNAME remove (where APPNAME is the name of the service to remove), which will remove the service from boot-time execution.

If you are using a Fedora-based system, you can open up the Services GUI, uncheck the service you want to keep from starting, and save. Or you can use ntsysv, a curses-based application. With ntsysv, you find the service you want to stop from starting at boot, select it (you’ll move around with the arrow keys), hit the space bar to disable it (an asterisk marks the service as enabled), and then exit the application.

And as a final note, I will mention that the fewer services you have starting at boot time, the quicker your machine will boot. So stopping unnecessary services on a Linux machine is a win-win situation.
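
As an added example (not part of the original article), the POSIX shell function below reports, for each service named above, whether its init script is installed and whether start links still launch it at boot, which is what update-rc.d -f APPNAME remove or ntsysv is meant to clear. The script names in SERVICES follow the article and may differ on your distribution; the ROOT argument and the output format are this example's own.

```shell
#!/bin/sh
# Added example: report the boot-time state of the services this article names.
# Names are the ones used in the article; init script names differ between
# distributions, so override SERVICES to match your system (assumption).
SERVICES="${SERVICES:-sendmail portmap nfs chargen ypbind sshd anacron atd routed snmpd rsync}"

# audit_services [ROOT]
# Prints "NAME STATE" per service. STATE is one of:
#   absent           no init script installed
#   disabled         init script present, no S?? start link in runlevels 2-5
#   enabled:LEVELS   start links found in the listed runlevels
# ROOT defaults to the live system; pass a directory to audit a mounted image.
audit_services() {
    root="${1:-}"
    initdir="$root/etc/init.d"
    # Red Hat keeps the scripts under /etc/rc.d/init.d
    [ -d "$initdir" ] || initdir="$root/etc/rc.d/init.d"
    for svc in $SERVICES; do
        if [ ! -e "$initdir/$svc" ]; then
            echo "$svc absent"
            continue
        fi
        levels=""
        for n in 2 3 4 5; do
            for link in "$root/etc/rc$n.d"/S[0-9][0-9]"$svc" \
                        "$root/etc/rc.d/rc$n.d"/S[0-9][0-9]"$svc"; do
                # An unmatched glob stays literal; skip it.
                [ -e "$link" ] || [ -L "$link" ] || continue
                case "$levels" in
                    *"$n"*) ;;                            # runlevel already counted
                    *) levels="${levels:+$levels,}$n" ;;
                esac
            done
        done
        if [ -n "$levels" ]; then
            echo "$svc enabled:$levels"
        else
            echo "$svc disabled"
        fi
    done
    return 0
}

# Audit the running system when executed directly: sh audit.sh [ROOT]
audit_services "${1:-}"
```

A service reported as disabled can still be running until it is stopped with its init script, so run the stop command as well.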

Monday, June 09, 2008

Trend Micro Intros “Worry Free” Security





Trend Micro has unveiled enhancements to its flagship Worry-Free Security Solutions focused at small businesses and eCommerce site owners who are increasingly battling a more sophisticated Web threat landscape that has mutated beyond conventional viruses and spam.

According to research conducted by AMI Partners for Trend Micro, over 85% of small businesses in APAC have less than 20 computers, and the most important IT issue for small business is improving their Internet and networking bandwidth/connection speed.

Last year, roughly 46% of all small business firms experienced security breaches with ‘Electronic Attacks’ being the most widespread threat.

The Worry-Free Business Security 5.0 range seeks to fit the needs of small business owners who want to protect their assets, their customer information and, most importantly, their reputation, says Trend Micro.

The suite of offerings includes Worry-Free SecureSite, Worry-Free Business Security 5.0, Worry-Free Business Security 5.0 Advanced and Worry-Free™ Remote Manager.

Through integrated protection against spyware, viruses, spam, phishing and inappropriate Web content, as well as the recent inclusion of Web Threat Protection, online transaction protection and location awareness, these augmented solutions have features that address not only changing Web and email threats, but also differences in the way people work now as compared to four years ago.

Another issue that the latest Trend Micro offering tackles is the increasing number of mobile employees. According to the company, approximately 40% of small business firms have a mobile workforce.

With its “location-awareness” feature that automatically changes Worry-Free security settings on laptops depending on whether employees are inside or outside the office, company data is protected even when employees are using an outside wireless connection.

"The IT market for small business and, in particular, the IT security market is still in high-growth mode, hence Trend Micro, with our strategic approach to security and our leadership in web threat protection is perfectly placed to lead this growing market over the next five years. We forecast the five year CAGR for IT spending in small business to be 12% and a growth of 20% for IT security," said Lionel Phang, Vice President of APAC, Trend Micro.


RFID Market to Reach 9.7 Billion

The market for Radio Frequency Identification (RFID) technology is expected to reach 9.7 billion by 2013. According to ABI research, the RFID business is expected to grow rapidly. This growth in the RFID business is estimated at 15%.

Across all RFID technology products, the market trend is positive. According to Michel Liard, Research Director at ABI, the firm saw strong RFID growth in 2007, and this continued in the first quarter of 2008.

Meanwhile, people are showing a great deal of enthusiasm for RFID technology. Aircraft businesses, for example, have announced their commitment to implementing RFID in their supply chain and assembly operations.

In Asia and Europe, Metro AG has also expressed its interest in RFID for supply chain and retail applications at the large company Wal-Mart. They stated that many suppliers use this technology for several purposes. Metro AG also intends to add RFID functions to its business.

According to ABI research, the strengths of RFID can be exploited further, including in energy use, transportation, and healthcare.

Widia Yurnalis

Virtualization: A Solution for Companies to Become More Efficient


A recent report from the Environmental Protection Agency (EPA) confirms what has been a concern for CIOs (Chief Information Officers) and IT managers around the world. The report deals with energy efficiency in data centers.

In many companies, the data center is indeed the largest power consumer. It is no surprise that the green IT campaigns run by various vendors have led companies to cut server power consumption by up to 30%.

Still according to the EPA report, total data center power consumption is around 1.5% of total power consumption in the US. This offers potential savings of up to USD 4 billion in annual electricity costs through optimal equipment and operation.

Looking further, there are really two goals in reducing the number of servers: increasing server effectiveness and reducing power consumption. Adding servers not only makes monitoring and control harder, it also increases the resources required, including power and space.

A company of the caliber of Juniper Networks has also begun paying attention to this and decided to start the change by improving efficiency. To that end, IT is considering virtualization, which allows one physical server to run several logically separate operating systems and applications at once.

Virtualization improves the efficiency of power consumption and server utilization. Ultimately, this reduces the number of servers in use and results in lower requirements for power, cooling, and space, and in more efficient operating costs.

Efficiency can also be achieved by taking an inventory of existing servers and truly understanding what matters to the business. This is crucial because IT departments usually face the dilemma of how to reduce the number of servers while still supporting the company's increasingly fast-growing needs.

In addition, by working together, department heads, developers, application users, and the IT department can quickly determine which servers can be eliminated.

Usually, the number of physical servers can be reduced through virtualization. In this way, for 100 servers, the reduction in electricity consumption amounts to more than 50 thousand watts.

In fact, the server virtualization project is expected to increase the reduction in servers used, with a virtualization ratio of 250 servers on 10 physical servers.

According to the data, a data center rack typically holds 42U (1.75 inches per U). Some 27-30U of this can be used for servers, with the rest for panels, cabling and power. The assumed power ratio is therefore 4:1 for cooling the servers.

Meanwhile, Juniper recommends that, if servers need to be added in 2008, it is better to invest in products that deliver energy efficiency and maximum utilization. Moreover, an innovative data center strategy is one that takes both the environmental side and the business side into account.