You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
John O. Brennan edited this page Sep 29, 2016
·
2 revisions
Have designated admin(s) who are responsible
Set up fail2ban or other automated penetration detection and response
Set up automated monitoring of system resources and alerts when significant thresholds are reached
Make sure alerts (e.g. unattended-upgrade's "reboot required" emails) are delivered to admin(s) reliably (e.g. forward root's local Unix mail to their Gmail inbox)
Drop packets originating from unrecognized networks, e.g. anything that isn't Google (so we can SSH in), and for Quiver anything that doesn't come from the CDN whose domain is being fronted