#1  
01-19-2012, 09:06 PM
christiwilsonc christiwilsonc is offline
Free Member
 
Join Date: Dec 2011
Posts: 17
Thanked 3 Times in 2 Posts
Hi everyone! I hope everyone had a wonderful holiday season and ready for 2012.

Since I have received the most solid and correct information from this community, I would like to ask for further assistance in forming my company in the area server security along with a few questions that do not require their own thread. (plus I like to keep all of this information in one place)

Before beginning I would like to tell a bit about my network. I have 3 vps's.

1 SQL Server, 1 IIS, 1 Mail.
Would like to set up 2 more. 1 for Active Directory, 1 for Windows Media(?)

I am wondering if I should hire a private server management to overlook security, updates etc.

What all is invovled in security management? Is this something that I can do myself? I have looked and researched companies and quite frankly they are very expensive. And from what they offer doesn't look like something that I cannot do myself, as long as I have the information what needs to be done. What are opinions from members here who do their own server management? I cannot justify paying someone 55.00 a month for a VPS that I pay 15.00 per month.

Other questions I have are:

I would like to set up Active Directory on my network. What do I need to prepare for this? I figure I will purchase another small VPS. What are the biggest pitfalls I should look out for?

I have decided to go with MailEnable instead of SmarterMail/stats/track. What is involved in setting this up?

David, my fiance, is looking for a VPS for his music streaming. (all his own work). We looked at Windows Media, what are the pros and cons of Windows media? He will be joining this forum soon to ask questions specific for streaming and such, I am just wondering what needs to be set up for him to do these things.

Besides Davids media server/vps, I am not oposed to paying someone to help set up my environment, I just don't want to be overcharged and I need to know what I should look for when hiring someone. I am very leery about allowing someone to work on my network that I don't know.

If I left anything out, please ask. It has taken me a few days to try and figure what to ask so this is what I have come up with.

Thank you everyone in advanced. Any information is truly appreciated.
Christi
Reply With Quote
Someday, 12:01 PM
admin's Avatar
Ads / Sponsors
 
Join Date: ∞
Posts: 42
Thanks: ∞
Thanked 42 Times in 42 Posts
  #2  
01-27-2012, 02:58 PM
kpmedia's Avatar
kpmedia kpmedia is offline
Site Staff | Web Hosting, Photo
 
Join Date: Feb 2004
Posts: 4,311
Thanked 376 Times in 342 Posts
Quote:
Originally Posted by christiwilsonc View Post
Would like to set up 2 more. 1 for Active Directory, 1 for Windows Media(?)
I am wondering if I should hire a private server management to overlook security, updates etc.
Generally speaking, security should be a top concern. Lots of amateurs worry about "SEO" (the wrong kind), and keyword "research" (spamming), and pay no attention to the security of their sites. An unsecured site is a hacked site, and a hacked site is no site. No site = no business. If you're not very savvy in this area, then you'll want to either hire and independent admin, or even an admin service. Most admins available for hire handle Linux, not Windows, too -- so you'll have a bit more work finding competent service.

Quote:
What all is invovled in security management?
This is one of those vague questions people ask. It's not much different from asking the classic "How long is a piece of string?" It really depends on how the hardware and software is setup, what is in use, etc. Security can range from being behind proper hardware appliances to managing on-server firewalls to optimizing permissions on everything in use.

Quote:
Is this something that I can do myself?
This is one of those questions where, if you have to ask, the answer is "no". And I don't say that with any rudeness intended, but simply as an honest answer -- the answer that's in your best intentions. When it comes to security, quite a bit is making decisions on-the-fly, using knowledge you already have. It's really not as easy as following guides. I learned server administration over a period of probably 10 years, learning from other admins, either on-site at jobs or through managed hosts I've used.

Quote:
I have looked and researched companies and quite frankly they are very expensive.
There's a lot involved, which is where the costs come in.

Quote:
And from what they offer doesn't look like something that I cannot do myself, as long as I have the information what needs to be done. What are opinions from members here who do their own server management? I cannot justify paying someone 55.00 a month for a VPS that I pay 15.00 per month.
Well, again, that's part of the issue -- they're not really following guides or instruction books. They're applying knowledge to a situation. It's sort of like a surgeon, to a degree. A good surgeon knows how to make decisions based on what he/she observes. It's not an issue of holding a medical book and then slicing as based on diagrams and instructions. This is one of the more difficult areas of running servers. Installing stuff is easy -- securing it isn't so rote.

Quote:
I would like to set up Active Directory on my network. What do I need to prepare for this? I figure I will purchase another small VPS. What are the biggest pitfalls I should look out for?
I'll be honest with you -- I've done my best to avoid AD through the years. It always added a level of complication that made already-hard code near-impossible to understand. You almost have to have Microsoft training to really understand what's going on. While I have a high degree of knowledge on hosting, servers, etc -- I'm still a journalist at the core. I write, photograph, video, design, etc. Tech was just the tool that powers some of that.

Quote:
I have decided to go with MailEnable instead of SmarterMail/stats/track. What is involved in setting this up?
MailEnable has really easy instructions to follow. Are you planning to use the free version, or one of the paid versions?

Quote:
David, my fiance, is looking for a VPS for his music streaming. (all his own work). We looked at Windows Media, what are the pros and cons of Windows media? He will be joining this forum soon to ask questions specific for streaming and such, I am just wondering what needs to be set up for him to do these things.
Yes, definitely have him join, and we can go over this. Generally speaking, Windows Media is "so yesterday". That was the streaming format from 10 years ago. It hangs on, crying for dear life, in the 2010s. The modern format for streaming media is solidified as H.264 or a variant thereof. It's used by cameras, broadcasters, mainstream sites (Youtube, Hulu, Netflix), and HTML5. WMV MPEG-4 is dead.

Quote:
Besides Davids media server/vps, I am not oposed to paying someone to help set up my environment, I just don't want to be overcharged and I need to know what I should look for when hiring someone. I am very leery about allowing someone to work on my network that I don't know.
For streaming, I'd look at something like this: http://hwdmediashare.co.uk
And get help setting it up -- I wouldn't try to tackle Linux servers on your own. (If anything, Linux has more holes and is harder to secure than Windows 2008.)

This is actually a server we could do, and I'd be the one doing this task.

Quote:
If I left anything out, please ask. It has taken me a few days to try and figure what to ask so this is what I have come up with. Thank you everyone in advanced. Any information is truly appreciated. Christi
Always glad to help.

And my apologies on the slow reply. It's been an unexpectedly busy month.

- Did my advice help you? Then become a Premium Member and support this site.
- Please Like Us on Facebook | Follow Us on Twitter

- Need a good web host? Ask me for help! Get the shared, VPS, semi-dedicated, cloud, or reseller you need.
Reply With Quote
The following users thank kpmedia for this useful post: christiwilsonc (01-31-2012)
  #3  
01-30-2012, 09:46 PM
christiwilsonc christiwilsonc is offline
Free Member
 
Join Date: Dec 2011
Posts: 17
Thanked 3 Times in 2 Posts
Hi KP,

Thanks for the advice and I agree with you 100%. And No, I was not offended as I know I am lacking in that area. I do know my shortcomings and ignorance's in certain areas of IT, Windows security being one of them and I am not afraid to admit that. It's why I asked for help.

My main concern was not knowing who to trust. I do have contacts with former co-workers are willing to help with my development environment but really don't want to do it for any clients. I will search around and check references. I will also only go with companies who offer fully managed servers for my clients.

I do want to thank you for all the help and I will tell David to get his but over here and post.

Don't work too hard

Christi
Reply With Quote
  #4  
01-30-2012, 10:01 PM
admin's Avatar
admin admin is offline
Site Staff | Web Development
 
Join Date: Jul 2003
Posts: 4,307
Thanked 662 Times in 458 Posts
I had to reinstall MailEnable on a server a few days ago. It's remarkably easy to do. Quite literally just follow the well-written instructions.

Also use DKeyEvent for MailEnable. Although this plugin is sparse on instructions, the plugin works perfectly and is a must-have. A competent admin with email experience can understand what's going on, and should be able to setup the records both in MailEnable at at the domain's nameservers. DKeyEvent is just a quick little GUI for setting up your DKIM and DomainKey records, and you add some data to MailEnable (using the ME GUI), thereby connecting DKeyEvent to MailEnable's MTA.

You don't want to operate a mail server with having SPF, and at least one of either DKIM or DomainKeys (preferably both).

- Did this site help you? Then upgrade to Premium Member and show your support!
- Also: Like Us on Facebook for special DVD/Blu-ray news and deals!
Reply With Quote
The following users thank admin for this useful post: christiwilsonc (01-31-2012)
  #5  
01-31-2012, 04:39 AM
christiwilsonc christiwilsonc is offline
Free Member
 
Join Date: Dec 2011
Posts: 17
Thanked 3 Times in 2 Posts
Great link! Thanks. So far I am very impressed with ME. I am going to start with the Standard(free) edition and if it integrates well within my applications I will upgrade to Professional version.

I just have such a long list of TODOs that I really don't know where to start.

I have to admit I am a bit scared of opening my own company. I am not as young and healthy as I once was and I am afraid that this will be a complete failure, on the other hand I have worked so hard to get well enough that I can even think about work, let alone my own company. I absolutely love the line of work I am in. I know I will be successful (well, not Bill Gates successful) but successful nonetheless. As long as I don't have unrealistic expectations, I think I will be just fine. This time next year I might just reread all of these post and just have a nice little chuckle. If I wasn't the tiniest bit scared, I wouldn't be being honest with myself.

Back to reading, and again, thanks for all your assistance. It's nice to know that there still are people like you who help those who ask, and go beyond one liner vague comments.
Reply With Quote
The following users thank christiwilsonc for this useful post: kpmedia (01-31-2012)
  #6  
01-31-2012, 10:22 AM
kpmedia's Avatar
kpmedia kpmedia is offline
Site Staff | Web Hosting, Photo
 
Join Date: Feb 2004
Posts: 4,311
Thanked 376 Times in 342 Posts
Quote:
Originally Posted by christiwilsonc View Post
It's nice to know that there still are people like you who help those who ask, and go beyond one liner vague comments.
Thanks.

I wanted to reply to most of your last post, and did so here: http://www.digitalfaq.com/forum/news...-business.html
Didn't want to derail the topic of this thread.

- Did my advice help you? Then become a Premium Member and support this site.
- Please Like Us on Facebook | Follow Us on Twitter

- Need a good web host? Ask me for help! Get the shared, VPS, semi-dedicated, cloud, or reseller you need.
Reply With Quote
  #7  
02-07-2012, 11:45 PM
christiwilsonc christiwilsonc is offline
Free Member
 
Join Date: Dec 2011
Posts: 17
Thanked 3 Times in 2 Posts
Hi KP sorry for the late response. Internet issues (very laggy) and plain not feeling well.

I did order a new VPS that is in another data center (Colorado DC) at SoftSys for mail server. I figured it would be wise in case if Chicago DC went down.

I have been spending my time reading up on networking and TCP/IP. I just keep getting stuck. Something is not clicking and I can't figure out what it is. I will figure it out though, eventually It mostly has to do with sub-netting. I need to also become more knowledgeable in DNS. Sigh, I am glad I am not in any rush and have the ability to study up. I am not going to market myself until I know what I am doing. It's one thing to mess up my lively hood, but anothers? No way!
Reply With Quote
  #8  
03-16-2012, 09:29 AM
kpmedia's Avatar
kpmedia kpmedia is offline
Site Staff | Web Hosting, Photo
 
Join Date: Feb 2004
Posts: 4,311
Thanked 376 Times in 342 Posts
As a follow-up, my trips to Microcenter and Fry's netted very little, in terms of security for Server 2008 IIS 7.

There are a few books that address general server security -- whole servers, not a VPS -- and most of it is geared towards setting up users, Active Directory (LDAP), etc. It doesn't really address securing web-facing servers as much as server security for intranet and internet (minus IIS). For our purposes, the books were mostly worthless. Your Softsys VPS probably came preset with a panel and permissions (WebsitePanel), and I prefer Plesk, both of which will pre-create much of the tasks described in the bulk of the books.

When I asked about IIS specific books, I mostly got open-mouthed stupid looks.

My own quest to verify and build on my current knowledge remains an online and word-of-mouth endeavor. I found some new tips on the IIS.net site, and then I spoke to two more peers to see what's new for them. Worth noting is that they have the same rants -- there's really not any good books on IIS 7 web security. It's all specific to Server 2008, and most of book is dedicated to stuff that doesn't apply to our situations as hosting users that do self management.

- Did my advice help you? Then become a Premium Member and support this site.
- Please Like Us on Facebook | Follow Us on Twitter

- Need a good web host? Ask me for help! Get the shared, VPS, semi-dedicated, cloud, or reseller you need.
Reply With Quote
Reply




Similar Threads
Thread Thread Starter Forum Replies Last Post
Comparing Mainconcept to Expensive, Production Company Encoders unclescoob Encode, Convert for discs 5 10-09-2011 06:39 PM
Does your company want to advertise on this site? kpmedia Marketplace 0 08-17-2011 08:39 AM
Server downtimes from 6/25 to 6/27 admin General Discussion 0 06-27-2011 11:01 PM
How to use FTP to Connect to a Server lordsmurf Computers 4 07-28-2006 03:39 PM

Thread Tools Search this Thread
Search this Thread:

Advanced Search



 
All times are GMT -5. The time now is 05:38 PM