Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: best practice for logging options
Special Forums Cybersecurity best practice for logging options Post 302352441 by jim mcnamara on Friday 11th of September 2009 09:54:31 AM
Old 09-11-2009
Your question is really too open-ended IMO. This is random:

Are there external incoming connections (initiated from outside your firewall)?
Can your box connect to boxes in your DMZ?
Do you use an external DNS name service?
Do you consume web services? Consume external web services? Provide web services?
Do you track security violations? - you should.
Do you audit user activity?
Do you have a data access policy and paperwork to back it up?
Do you have a solid backup process? off site backup? failover?
This list goes on - you get the idea.

There is no single set of 'best practices' for logging - it usually is more a matter of what your box is exposed to, your level of risk tolerance, what the datasets on the server represent, etc. Then there are basics like monitoring the heck out of externally initiated connections.

If you google 'best practices' you will be presented with an onslaught of choices. You have to select the models that fit your system. Apache has great guidelines for example.
But they may make no sense for your situation.
 

8 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

What is the best practice?

I'm playing the shell game of moving and deleting files to make room for current DB backup. A set of files gets moved to serverB when serverA threshold is exceeded. I created two scripts one for serverA and one for serverB. Both scripts are run by cron entry. There is a difference of 12 minutes... (4 Replies)
Discussion started by: BigSky
4 Replies

2. Shell Programming and Scripting

best practice please

I have a data file that I tail and dump the data into a new file at midnight. To work I had to use tail -n2 livefile.csv >> storefile.csv. This is ging me 2 or 3 entries at a time into the storefile.csv. if I continue this then I will have to run a second pass on the file to remove the... (4 Replies)
Discussion started by: Mikey
4 Replies

3. Post Here to Contact Site Administrators and Moderators

Constant Logging In (After Logging Out)

Hi Everyone. First, I want to thank all of you for letting me participate in this great group. I am having a bit of a problem. After I get an email from a responder, I login to make my reply. In the mean time I get another response by email from another member, I go to reply to them and I... (6 Replies)
Discussion started by: Ccccc
6 Replies

4. UNIX for Dummies Questions & Answers

hp ux practice

hi i am new in unix.i have installed linux in my pc,but i want to practice and be expatise in hp ux.but i have no hp server for do it.how could i practice hp ux?please help and give suggestion. (1 Reply)
Discussion started by: dipanjan123
1 Replies

5. Ubuntu

Kernel boot options removed by fault, no boot options

Hello Everyone, First of all, I highly appreciate all Linux forum members and whole Linux community. http://forums.linuxmint.com/images/smilies/icon_wink.gif. I wish you the best for all of you ! I will try to be short and concise: I am using Linux Mint 10 for 2 months on 2 ws, and all went... (3 Replies)
Discussion started by: cdt
3 Replies

6. UNIX for Dummies Questions & Answers

practice scripting

Is there any sites out there that have examples of things they want you to go and script for practice? I have looked around but have came up empty handed. I have been writing scripts for things I need on my nix box but have am wanting more challenging things to keep me learning. I would prefer... (3 Replies)
Discussion started by: linuxn00b
3 Replies

7. HP-UX

LVM PE. Best practice

Hi everyone. Unfortunately I can't find advice's about LVM Physical Extent for HPUX. As far as I know we can set for 1PE size from 1MB to 256 MB. But in what cases it should be different? Maybe exist any strict rules, requirements or any best practice? (2 Replies)
Discussion started by: jess_t03
2 Replies

8. Linux

Syslog not logging successful logging while unlocking server's console

When unlocking a Linux server's console there's no event indicating successful logging Is there a way I can fix this ? I have the following in my rsyslog.conf auth.info /var/log/secure authpriv.info /var/log/secure (1 Reply)
Discussion started by: walterthered
1 Replies

LEARN ABOUT DEBIAN

catalyst::manual::deployment::fastcgi

Catalyst::Manual::Deployment::FastCGI(3pm)		User Contributed Perl Documentation		Catalyst::Manual::Deployment::FastCGI(3pm)

NAME

       Catalyst::Manual::Deployment::FastCGI - Deploying Catalyst with FastCGI

FastCGI Deployment
       FastCGI is a high-performance extension to CGI. It is suitable for production environments, and is the standard method for deploying
       Catalyst in shared hosting environments.

   Pros
       Speed

       FastCGI performs equally as well as mod_perl.  Don't let the 'CGI' fool you; your app runs as multiple persistent processes ready to
       receive connections from the web server.

       App Server

       When using external FastCGI servers, your application runs as a standalone application server.  It may be restarted independently from the
       web server.  This allows for a more robust environment and faster reload times when pushing new app changes.  The frontend server can even
       be configured to display a friendly "down for maintenance" page while the application is restarting.

       Load-balancing

       You can launch your application on multiple backend servers and allow the frontend web server to perform load-balancing among all of them.
       And of course, if one goes down, your app continues to run.

       Multiple versions of the same app

       Each FastCGI application is a separate process, so you can run different versions of the same app on a single server.

       Can run with threaded Apache

       Since your app is not running inside of Apache, the faster mpm_worker module can be used without worrying about the thread safety of your
       application.

       Widely supported.

       FastCGI is compatible with many server implementations, not just Apache.

   Cons
       You may have to disable mod_deflate.  If you experience page hangs with mod_fastcgi then remove deflate.load and deflate.conf from
       mods-enabled/

       More complex environment

       With FastCGI, there are more things to monitor and more processes running than when using mod_perl.

   Standalone FastCGI Server
       In server mode the application runs as a standalone server and accepts connections from a web server.  The application can be on the same
       machine as the web server, on a remote machine, or even on multiple remote machines.  Advantages of this method include running the
       Catalyst application as a different user than the web server, and the ability to set up a scalable server farm.

       To start your application in server mode, install the FCGI::ProcManager module and then use the included fastcgi.pl script.

	   $ script/myapp_fastcgi.pl -l /tmp/myapp.socket -n 5

       Command line options for fastcgi.pl include:

	   -d -daemon	  Daemonize the server.
	   -p -pidfile	  Write a pidfile with the pid of the process manager.
	   -l -listen	  Listen on a socket path, hostname:port, or :port.
	   -n -nproc	  The number of processes started to handle requests.

       See below for the specific web server configurations for using the external server.

WEB SERVERS

       Any web server which supports FastCGI should work with Catalyst. Configuration recipies for well-known web servers are linked below, and we
       would welcome contributions from people deploying Catalyst on other web servers.

   Apache
       Catalyst::Manual::Deployment::Apache::FastCGI

   nginx
       Catalyst::Manual::Deployment::nginx::FastCGI

   lighttpd
       Catalyst::Manual::Deployment::lighttpd::FastCGI

   Microsoft IIS
       Catalyst::Manual::Deployment::IIS::FastCGI

AUTHORS

       Catalyst Contributors, see Catalyst.pm

COPYRIGHT

       This library is free software. You can redistribute it and/or modify it under the same terms as Perl itself.

perl v5.14.2							    2012-01-20				Catalyst::Manual::Deployment::FastCGI(3pm)
All times are GMT -4. The time now is 02:06 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy