Are you a hands-on person? Want to learn Information Technology? Then I highly encourage you to get a Dyn-DNS address, buy a domain and setup a webpage, Minecraft server, make some “friends” on Twitch.tv and be ready for an onslaught of problems, failures, rebuilds, backups, firewalls, reconfigurations, the learning doesn’t end. The individuals that cause these issues do it with the mindset, they are helping you become better. The level of frustration will make you want to scream, but the rewards are far greater with support from many more complimenting your work and not giving up.
This website has been rebuilt 5 times now. I’ve learned that having “logins” is just bad. Having one database for all sites, is just asking for trouble. Everything must be separated, firewalled, ports not being used must be blocked for both TCP and UDP, and building a database, tables by hand is probably something to not overlook doing. I’ve actually gone out of my way to buy more Quad NIC’s for my web hosting hypervisor to create more virtual firewalls. I’ve looked at increasing the bandwidth to the gateway from the ISP from 1Gbps symmetrical to 3Gbps symmetrical to give the game network 1Gbps, the house 1Gbps and the random other hosting 1Gbps symmetrical speeds. It makes sense but I’m holding off due to more speeds means more people, which means more individuals trying to hack and/or crack.
Instead, I’ve decided to keep pushing with locking things down. Setting a schedule for backups. Backups could just mean one action but for this network, backups now means more than just one automated action. Having a separate network with storage, systems can backup within themselves but now there are manual backups being made and whole mirror images being made of VM’s, core files and moved onto the Storage Server for safe keeping then taken offline. While this isn’t perfected and still being worked and developed, a fully automated system would be excellent but for now, half of it will be done by hand. (I really do not want to have to rebuild all these posts for my classes by going through *.csv files, line by line again. ugh)
The Storage Network if more like a simple NAS that is encrypted, password locked, powered off and unplugged. It’s very portable and I’m thinking about making it WAY bigger as far as storage goes and physical. Seems like it would be beneficial to just put my whole life on this Terramaster Monster. Just so happens there are eight 2Tb Samsung Pro m.2 SSD’s laying around my house not doing anything. This could be an opportunity to put them SSD’s to work doing something rather important and be a manual backup point for the Minecraft server as well. This would have to be played with at first and I would definitely want it to be encrypted and locked up with BitLocker. Think of it as being a Cold Backup that isn’t connected to anything while not in use. This is the extent of which these exploits have taken me too.
Turns out, after spending a couple days on Kali with a friend, there really is no limit to the reach of these tools within a system. What was really fun was seeing how locking things down, “hardening” was also affecting these tools. We were watching our work in action which was pretty cool.