| Home | Contact Us | About GeekISP |

Fast, Secure, Cheap.

Ideology | Services | Customer Service | Sign up now! | Member Tools | Blog

Sign up now!

Ideology

  • Security
  • Open Source
  • Spam
  • Blog

    Services

  • Shared Plans
  • VPS Plans
  • E-Mail
  • Software
  • Datacenter / Hardware
  • Domain Management

    Customer Service

  • Contact Information
  • Mail Client Setup
  • SSH Clients
  • FAQ
  • Forum
  • Testimonials
  • Mailing List

    Member Tools

  • SquirrelMail
  • TMDA-cgi
  • Mail Accounts Setup
  • phpMyAdmin
  • phpPgAdmin
  • SVN / Trac

    Registrar Tools

    Policies

  • Acceptable Usage
  • Privacy
  • Refunds
  • Terms Of Use


  • Ideology
    -------------
    Security

    At GeekISP, our main goal is to provide a secure, reliable service. To achieve these goals, our systems are built on the OpenBSD operating system first - widely regarded as the most secure OS available today. The FreeBSD webserves we run are also closely monitored for vulnerable ports and updates to the base system. These systems run minimal configurations to minimize any potential impact of a security breach. Qmail was selected as the mail transfer agent because of its ease of use and security guarantee. Tinydns, much like Qmail, bears Dan Bernstein's security guarantee which is unchallenged to date. The choice of a reliable database was difficult, but ultimately we decided to offer PostgreSQL as our flagship database. PostgreSQL has a long history of reliability that MySQL is only beginning to address. MySQL is of course available, but PG's transaction model has been rock solid for many years.

    Security is a big buzzword in today's computer industry, and you may think "Why do I have to worry about security? Nobody is going to care about my files." You may be right - there may be nothing to gain from attacking your files and your web page, but if a malicious person were to gain access to your account, they could do a number of nasty things:

    • Destroy or alter your files (do you really want to spend time cleaning up vandalism?)
    • Destroy or alter someone else's files
    • Attack other machines on the Internet
    • Run programs that slow down the service for you and for others
    • Impersonate you by way of email

    Furthermore, if your web site allows users to log in, their passwords may be at risk. Intrinsically, these passwords might only let a person impersonate someone on your web site but the risk is greater as people often tend to reuse passwords to more sensitive things.

    It is both our responsibility as service providers and your responsibility as users to work towards maintaining a secure system. Its really not so hard, either. Here are a few things you can do to make use of the secure services we provide:

    • Make sure your mail program is configured to encrypt all traffic. Foremost this protects your mail password. (see instructions)
    • Use only SSH and SFTP to interact with our systems (Where can I get SSH/SFTP clients?)
    • Use new passwords for new things. Keep your email password different from your SSH password, and keep your database password different from both of those. This goes a long way - if someone guesses your email password then they cannot change your files or the information in your database.
    • Choose good passwords! This is the hardest for many people, ourselves included. A *good* password includes mixed case letters, numbers, spaces, and shift characters (like @, #, $, %). An example of a hard to guess password is "h3Ar$ IT".

    Thats really it - if you can do those 4 things, you've done a lot to address the issue of security.
     

    ©2004-2009 Steinberg Computing. GeekISP is a service of Steinberg Computing.