Bureaucrats, cc_docs_admin, cc_staff
2,879
edits
Security considerations when running a VM: Difference between revisions
Security considerations when running a VM (view source)
Revision as of 18:58, 6 April 2017
, 7 years agoMarked this version for translation
(add translate tags) |
(Marked this version for translation) |
||
| Line 2: | Line 2: | ||
<translate> | <translate> | ||
<!--T:1--> | |||
On the [[CC-Cloud|cloud]], you are responsible for the security of your VMs. | On the [[CC-Cloud|cloud]], you are responsible for the security of your VMs. | ||
<!--T:2--> | |||
This document cannot be a complete guide, but will set out some things you need to consider when creating a VM on the cloud. | This document cannot be a complete guide, but will set out some things you need to consider when creating a VM on the cloud. | ||
==Keep the operating system secured== | ==Keep the operating system secured== <!--T:3--> | ||
* Apply security updates. | * Apply security updates. | ||
* Avoid using packages from unknown sources. | * Avoid using packages from unknown sources. | ||
| Line 13: | Line 15: | ||
* Install [https://www.fail2ban.org fail2ban] to block brute-force attacks. | * Install [https://www.fail2ban.org fail2ban] to block brute-force attacks. | ||
==Network security== | ==Network security== <!--T:4--> | ||
* Limit who can access your service. Avoid using '''0.0.0.0''' in the CIDR field of the security group form. | * Limit who can access your service. Avoid using '''0.0.0.0''' in the CIDR field of the security group form. | ||
* Do not bundle ranges of ports to allow access. | * Do not bundle ranges of ports to allow access. | ||