How to Defend a Linux System from Attacks

December 2, 2020

In November this year, the BigBasket data breach compromised the information of more than 2 Billion users. Evidently, companies of all sizes are facing cyber-security risks, and it is important to address the measures that must be taken. In this article, we discuss the bit-by-bit of securing Linux servers from cyber attacks.

What is a cyber-attack?

A cyber-attack is an assault launched by cyber criminals using one or more computer networks. Attackers commonly use any vulnerable public servers and computers that are connected to the internet to launch the assault. The main goal of the attacker is to breach the firewall and extract company data for ransom. The attacker may also be a competitor who gains from ruining your company’s reputation and goodwill.

Types of cyber-attacks

The most common type of attacks are:

  1. DDoS attack: Here, the attacker uses a vulnerable server to launch a series of attacks on the target server. The attacker launches floods, i.e., directs a large amount of traffic to you, which will cause downtime on your server. To prevent a DDoS attack, purchase a high-bandwidth server so that floods cannot be caused easily.
  1. SQL Injection: If you are hosting a CMS like WordPress, Joomla, Magento, etc., using third-party themes and plugins from untrusted sources leaves your system vulnerable. SQL injection can manipulate all data in your database. Both server-side and code-side prevention methods are available to mitigate SQL injection. Make sure to adopt the latest technologies and update your CMS regularly. To be extra sure, using a vulnerability scanner like Acunetix is highly recommended. 
  1. Man-in-the-middle attack: Here, the attacker launches from the client-side and sets himself up as a mediator between the user and the server. Suppose, you are on public wi-fi, the attacker can crack the public wi-fi and enter your PC to steal information.  A secure network is the only way to prevent these types of attacks.

Cybersecurity Dos and Don’ts

  • Don’t use old software
  • Don’t write open-ended codes
  • Do use a robust firewall
  • Don’t set-up passwords that are in human-readable format
  • Do use antivirus on both system and server, especially remote systems like laptops, phones and tablets. (80% of users still don’t use even a free one!)
  • Do use an intrusion detection system on both server and system. As malware and Trojan can be uploaded from client PC as well, it is very important to counterbalance by setting up strong gates from the hosting side.
  • Do implement HTTPS. 
  • While uploading files, always use SFTP port.
  • Do train employees about permissions and antivirus. 

Basic security setups for linux web-hosting servers

There are several cyber-security processes that can secure files and databases on your servers to prevent, as well as actively defend attacks in real-time. As the WHM control panel is the most popular among Linux OS users, this article shows how you can implement many security features with WHM. However, the general rules are applicable to all other control panels.

Types of security:

  1. SSH hardening: SSH is one of the most popular communication protocols on the net. Although SSH is more secure than FTP, taking further steps to secure SSH is highly recommended. If you are non-technical, you can ask your hosting provider to execute the same. SSH-hardening can be done through WHM easily through the intuitive GUI.
  1. /tmp security: Securing the /tmp folder is unignorable if you are using Linux. The reason is because any malicious files can be executed by attackers on /tmp directories. WHM has a ready-made script to implement /tmp security. This creates a tmp partition which automatically fixes tmp security.
  1. Security using software-based firewalls: There are several third-party tools which easily integrate on host to improve security features. Here, we discuss the best tools available in the market for Linux systems.
  • Imunify360: This tool is an advanced firewall that tracks all activities on the server. It provides proactive defence by quarantining files that may be malicious. Using Imunify360, you can capture IPs, send alerts, block network-level access, scan malware, patch old PHP versions by default. It scans all uploaded files automatically, catches vulnerability and blocks IP. All tools are inbuilt and there is no need for configuration. 
  • CSF firewall: This open-source firewall for linux monitors incoming and outgoing traffic on network servers. Features include bruteforce attack alerts, suspicious process alerts, security score, warnings and per Port connection flooding detection and mitigation to help block DOS attacks. The system is quite fluid as you can enable/disable protections and configure custom SSH.
  • BitNinja - This intrusion detection system gives you security against wordpress, joomla, drupal infections for hosted websites.
  • Bigger organizations with heavy traffic can use third-party CDN like cloudware like Akamai. 

Lastly, in case an attack is encountered we must have a disaster recovery plan in  place to ensure that downtime is minimal. Some ways you can do this include:

  • Create backups for websites and portals. For image files backup, use any third party tools. You can also set up incremental backup on cPanel. WHM has integrations with Google Cloud, Azure AWS for implementing backups. You can pre-define the backup path and you also have an option to add an additional destination for backup. Custom script for backups can override existing scripts in WHM, in case you are looking for more secure solutions.
  • Set up version control systems which allow you to default back to previous versions in case your new versions are deemed insecure.
  • Regularly take MySQL backups and make sure to sync db files to a remote backup service.

This article thoroughly discusses all necessary measures to be taken in order to ensure a smooth-sailing Linux operation. Ensuring that all precautions are taken can help you mitigate any cybersecurity issues in the future.

Latest Blogs
This is a decorative image for: What is SOTA in Artificial Intelligence?
August 5, 2022

What is SOTA in Artificial Intelligence?

If you are one of those people who love to pursue Artificial Intelligence and related operations like Machine Learning, then you must have certainly come across a term called SOTA. It is one of the much-talked things in the field of AI and holds a lot of gravity.

But for those who are interested yet are clueless about what SOTA is and what its relevance is in the field of AI, here is a simple definition of SOTA, what it means, and what importance it holds.  

What is SOTA?

SOTA is an acronym for State-Of-The-Art. In the context of Artificial Intelligence (AI), it refers to the best models that can be used for achieving the results in a task. Mind you; it should be an AI-specific task only. SOTA models can be applied in many ways in AI. It could either be applied to –

(a) Machine Learning (ML) tasks

(b) Deep Neural Networks (DNNs) tasks

(c) Natural Language Processing (NLPs) [this is a subset of deep neural networks]

(d) Generic tasks

How does SOTA help in AI?

Using SOTA models in AI has many benefits of its own. The primary benefits are –

  • Increases task precision

First of all, you should check which parameters define your SOTA Model. These parameters could be the recall or the precision, or the area under the curve (AUC). It could be any metric you choose. After that, you could determine the value of the SOTA for each of the chosen metrics. If these metrics get a high score (about 90%-95%) in performance accuracy, then it is labelled as a SOTA. Now it is pretty obvious that these models score high on accuracy, so the AI task will be as close to what the users need to do.  

  • Increases reliability

Since the precision of the SOTA models is high, as mentioned above, the reliability of the AI task also increases. If it is a machine learning task or deep neural network task, then be assured that the results are pretty much what they are supposed to be. They can be trusted and not be considered a random test of sorts. But how do you know that the SOTA is trustworthy?

So, here’s a suggestion. While you are building the SOTA test, it would be better if you ran noise experiments on the SOTA model. It will help you in measuring the standard deviation in the many identical tests runs that you are subjecting the model to. You can use this measurable deviation as a sort of shift or tolerance, and then you can compare the original SOTA result and the reproduced result. Testing the results will help you in verifying the features that are required in the algorithm in the future.

  • Ensures reproducibility

If you want your AI product to be agile and lean, then you will be able to ship the minimal viable product (MVP or a minimal version of your envisioned product) quickly to all your customers. You can then proceed to get user feedback and improve iteratively. Therefore, reproducibility in your SOTA model can be considered to be a good practice. This will help you in making compromises in your algorithm. You can also ship your algorithm quickly. And yes, about the customer feedback you have collected, you can use it as a guide for all your efforts in future product improvements.

  • Reduces generation time

Since the SOTA model helps you in reproducibility of the algorithm or the product, it also helps you in saving time when you put the entire process on the conveyor belt. That means you can make a saleable product from a prototype in less time than when you made the same product from scratch. All you need is to reproduce the algorithm on the parameters on which it needs to be tested are already in possession, so yes, you save a lot of time in the generation of the product.

When should you run a SOTA test?

You should run SOTA tests as frequently as possible. Frequent SOTA tests are a rule of thumb in AI. But it is advisable to run them once a week. You should also run the SOTA tests when you are incorporating important changes. It is advisable to run the SOTA tests should be run on a cloud virtual machine using a good pipeline like Jenkins.

Where can the SOTA models be used?

SOTA models are used in various artificial intelligence activities –

(a) Object detection by deep neural networks

(b) Single shot multi box detectors

(c) Self-adaptive tasks like choosing variable patterns

This list is not exhaustive as the possibility of using SOTA encompasses many branches of AI. Be on the lookout for future blogs to know more about SOTA and its applications in every subset of AI.

To sum up, SOTA models have played a crucial role in advancing AI and ML technologies. It has introduced structural efficiency that has boosted performance. Now, developers run various SOTA tests using the virtual GPUs, which further streamlines the process and reduce the upfront infrastructure costs, and E2E Networks is making it possible with cloud GPUs.

Reference Links

https://towardsdatascience.com/software-design-patterns-and-principles-for-a-i-1-sota-tests-3dd265c6bf97

https://deci.ai/blog/sota-dnns-overview/

https://paperswithcode.com/sota

This is a decorative image for : Should you migrate to E2E Cloud from Digital Ocean?
August 5, 2022

Should you migrate to E2E Cloud from Digital Ocean?

There comes a time in professional business life when they want to migrate all their data, resources, applications, workloads, etc., to the cloud for security reasons. It is a process of transferring data from on-premises to the cloud. Everyone prefers to use the cloud these days, but cloud migration can be an overwhelming process. Business wants to go with a service with minimal downtime and a hassle-free experience. So if you are using Digital Ocean for a while and now prefer to switch to another service, then this one question must have popped into your mind: should you migrate to the E2E cloud from the digital ocean? Here in this blog, we are going to answer the same. But first thing first, let's understand the benefits of migrating to the cloud.

The Top Benefit of Migrating to the Cloud

Businesses prefer to rely on cloud platforms due to various reasons, some of which are listed below:

1. Security

The first benefit of using a cloud platform is the high level of security compared to other network systems. The shared responsibility model is used in the cloud system, which is why this model is more successful than the traditional network system. All the data and resources of the business are stored centrally, which makes the cloud network convenient.

2. Scalability

The second benefit of using cloud platforms is scalability which means businesses can increase and decrease their requirement anytime based on the need and performance of the company. Firms and organisations have the flexibility to alter their infrastructure needs and workloads based on the current condition.

3. Integration

Another benefit of switching to a cloud platform is seamless integration. Businesses can connect multiple systems altogether without any difficulty. Not only does this increase the efficiency of the company, but it also saves money. Cloud services are updated and improved regularly, so the chances of decreased efficiency are less.

4. Cost

Lastly, one of the significant benefits of using cloud networks is cost. It reduced operational costs. Business here only pays according to usage, saving a lot of money.

Should You Migrate to the E2E Cloud From Digital Ocean?

Yes, that is possible, and with the recent hike in Digital Ocean's price, the only convenient option for organizations is to migrate to the best affordable solution. And when we talk about affordability, the E2E cloud seems to be the best in the market. The answer has a high-quality infrastructure. Around ten thousand clients are relying on E2E cloud solutions. The platform is built to fulfil the need of every kind of business. The solution is designed to execute real-world use cases such as NLP, health tech and consumer tech.

The thing which is loved by businesses is the quick deployment process, and the E2E cloud understands that very well. That's why companies will get the one-click deployment at their fingertip. And most importantly, the pricing model business will bring to the E2E cloud is unbeatable.

The process of cloud migration can be excruciating. Newbies and newcomers can't do it without proper assistance. That's why the E2E cloud is readily available at their customer service with the required help.

Sign up to E2E Cloud Now

With all that in mind, if you are looking for the most convenient solution, then give the E2E cloud a try. Not only will we help you save money, but you will get the cloud platform with high reliability too. Reach out to us to get a consultation on the migration process from Digital Ocean to our forum.

References

https://touchstonesecurity.com/cloud-migration-benefits/

https://www.vultr.com/news/Should-you-switch-from-DigitalOcean-to-Vultr/

This is a decorative image for- How do data scientists use PyTorch?
August 4, 2022

How do data scientists use PyTorch?

PyTorch was introduced for the first time in 2016 and it is a deep learning open-source framework. It has become very popular among developers due to its ease of usage and efficiency. PyTorch is getting huge critical acclaim because of its compatibility with a high-level programming language Python which is also favored by data scientists and machine learning developers.

About PyTorch

Deep learning models are a type of machine learning model that have multiple applications and usage which include language processing, image recognition, and more. PyTorch is an elegant framework that can help in the construction of deep learning models. This framework has been written using Python and the best part about PyTorch is that it is extremely easy to learn and implement for machine learning developers.

Furthermore, PyTorch is unique in its support of GPUs. Other exclusive features of PyTorch include auto-differentiation, reverse-mode, computational graph, etc. This is also why PyTorch is a popular choice among developers for prototyping and fast experimentation.

Why is PyTorch a popular choice among developers and data scientists?

PyTorch is the product of Meta’s Artificial Intelligence research lab and others. The framework has incorporated the Python programming language in the front end with a resilient and productive backend library from Torch which is also GPU accelerated. The entire framework concentrates on unreadable code, quick prototyping, and assisting multiple categories of deep learning models. 

Although PyTorch enables the friendly yet authoritative programming approach for data scientists and developers, simultaneously providing production graphs. The framework was released as open source in the year 2017 and because of its Python roots, it has become fairly popular among machine learning programmers.

Benefits of PyTorch for data scientists

Due to its innovative characteristics, PyTorch is extremely popular in deep learning. For example, PyTorch has implemented a chainer technology known as reverse-mode automatic differentiation. To put it more simply, the method is like a tape recorder that completes each and every operation, then computes the gradients, and finally iterates the entire process. 

Due to this particular feature, debugging in PyTorch is very simple and it can also adapt to specific applications such as dynamic neural networks.  PyTorch is also well accepted for prototyping because every repetition can provide different results.

Python developers extensively use PyTorch which has been developed using the Python language. The framework utilizes the define-by-run eager execution mode and authoritativeness of the language through which all the operations are executed. 

Although Python is fairly popular among developers and other programming languages, a recent survey by Datanami shows there has been a growing focus on machine learning, deep learning, and AI thus paving the way for industry-wide PyTorch implementation.

For existing Python developers and data scientists, PyTorch has become a good choice for its futuristic scope. Moreover, those who are comparatively new to deep learning can already come across an enlarging library of deep learning courses which are specifically based on PyTorch. Since its release, the API of this framework has remained consistent and that is why PyTorch is significantly easy to decipher for experienced Python programmers.

If we look at any particular strength of PyTorch then it is prototyping in smaller projects. It is also beneficial for academics and research communities because of its ease of usage and flexibility. Facebook’s AI research lab is also working tirelessly to ameliorate the productive application of PyTorch.

The latest releases of PyTorch have included multiple enhancements. Moreover, it has also added ONNX, or Open Neural Network Exchange which can help the developers comply with the deep learning models that will be productive for their projects or applications.

Features of PyTorch

Here is a list of important features of PyTorch:

 

  • PyTorch has an excellent and active community of developers that provides brilliant tutorials and documentation. You can visit their forum at PyTorch.org.
  • The entire framework has been developed using the popular programming language Python and the developers have also included Python libraries such as NumPy to conduct scientific computing. For the compilation of Python to C and to provide a better performance, SciPy and Cython have been used. 
  • PyTorch is very easy for data scientists and Python developers because it has similar syntax and utilization.
  • Major cloud platform supports PyTorch.
  • The scripting language of PyTorch is known as TorchScript and it is very easy to use as well as ductile when used in eager mode (eager mode is a specific mode of this framework where operations are executed instantly as they are derived from Python). You can also change to the graph mode if you require better optimization and more speed in C++ runtime settings.
  • PyTorch can effectively support parallel processing, GPU, distributed training, and CPU, which means any computational work can be allocated among various GPU and CPU cores. Furthermore, you can also conduct training on multiple machines using multiple GPUs.
  • Dynamic computational graphs are supported by PyTorch which enables the network behavior to be transitioned during the runtime. This flexible characteristic is a major feature that sets apart PyTorch from the existing deep learning frameworks (because the rest of them require neural networks to be delineated as a static object before runtime.)
  • PyTorch also has a storage of pre-trained models that can be replicated using a single code line.
  • PyTorch as a deep learning framework has both the eager mode (for experiments) and graph mode (for the execution of performance).
  • You can extend the core functionality of your applications using the brilliant APIs of PyTorch.
  • The libraries and tools of PyTorch range from reinforcement learning to computer vision.
  • The pure C++ frontend interface which the python developers are accustomed to is supported by PyTorch and you can also create high-performance C++ applications using the same.
  • In PyTorch, you will be easily able to construct a brand-new custom component as a subclass under the standard Python class.
  • You can easily import the libraries and parameters which can further be efficiently dispensed with the help of TensorBoard (which is an external toolkit.)

Practical use case of PyTorch for data scientists

Due to the PyTorch framework being convenient and flexible, it is being used in multiple projects and applications such as natural language processing, reinforcement learning, image classification, etc. Let us discuss them in brief:

Natural Language Processing (NLP)

If we look at software or virtual assistants, we will be able to understand how machine learning has made significant breakthroughs in understanding natural languages. 

Most of these models utilize a flat sequence of characters or words in the form of recurrent neural networks or RNN to process the sequences. Yet, a lot of linguistics think that language can be comprehended most efficiently if we use a stratified tree of phrases.

That is why a lot of research has been done on the deep learning models which are termed as recursive neural networks that undertake this approach recommended by linguistics. Although these models do have a complex nature and are hard to implement, PyTorch smoothens these difficult natural language processing models to make them much easier and more efficient. Right now, Salesforce is utilizing PyTorch for multi-task learning and NLP.

Computer vision

You can utilize computer neural networks to reinforce the development of image classification, object detection, and generative application. The framework also helps the programmers to process images and videos through which they will be able to construct a detailed and unambiguous computer vision model.

Reinforcement learning

You can easily control the motion of robots, create business development plans and reinforce robotic processes with the help of PyTorch.

How data scientists can work with reinforcement learning with the help of PyTorch

For data scientists, there are multiple use cases of PyTorch in the deep learning field. Moreover, you can experience better results with the implementation of PyTorch in multiple projects regarding style transfer, image classification for identifying fake goods, etc. 

Currently, tech giants are also using PyTorch for natural language processing. If we carefully look at the progress and implementation of PyTorch in the field of deep learning and artificial intelligence, learning this framework as one of your technical abilities can open up lots of future opportunities for you.

Reference links:

https://medium.com/geekculture/how-pytorch-helps-data-scientists-in-reinforcement-learning-a8843e441c1

https://towardsdatascience.com/minimal-pytorch-subset-for-deep-learning-for-data-scientists-8ccbd1ccba6b

Build on the most powerful infrastructure cloud

A vector illustration of a tech city using latest cloud technologies & infrastructure