You are here: Foswiki>LabstaffWeb Web>UserMaintainedServers (24 Sep 2013, lindss2@LAB.CS.RPI.EDU)EditAttach

User Maintained Servers

To set up a server you maintain that can be accessed from off campus

  • Secure your server
    • Don't use weak passwords
    • Keep up to date on system patches
    • Disable unneeded services
    • Do as little as possible from the root account
    • For services that support registration/interactive sessions, disable all write operations for anonymous/guest access.
  • Request a static ip address
  • For server access off campus
    • Use of the campus external VPN is encouraged to limit access
    • If you need to have ssh or other ports open without the use of the VPN, then email fw-changes-l@lists.rpi.edu with the following:
      • A static IP address
      • Brute force password protection is required. A strong password does not count. We have had strong random 9 character passwords fall to brute force guessing on the campus. You will need to take steps that could include some of the following
        • Account lockouts
        • Firewall rules to limit the number of connections from a host
        • Host certificates
        • 2 factor authentication
        • IP restriction to a known external subnet
      • System will be scanned via nessus from time to time. It will need to be maintained. It can't be a set it up and leave it alone machine.

  • Note that labstaff does not provide support for user maintained servers beyond basic questions.

Server restrictions -- all of the following are not allowed

No commercial endorsements

  • Websites with commercial branding or references
  • Servers may not generate commercial network traffic
  • Revenue generating websites, banner ads, off campus links to commercial vendors

No unreasonable use of campus resources

  • Saturating the campus backbone with network traffic
  • Pummeling network servers with requests
  • No network probes or scanning

All policies outlined in the campus wide COMEC webpage apply.


-- StevenLindsey -05 May 2011
-- JoeyArmstrong - 24 Sep 2009
Topic revision: r7 - 24 Sep 2013, lindss2@LAB.CS.RPI.EDU
 

This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding Foswiki? Send feedback